CVE-2005-2975
published 2005-11-18CVE-2005-2975: io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM…
PriorityP423high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
3.12%
86.2th percentile
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gdk-pixbuf | < gdk-pixbuf 0.22.0-11 (bookworm) | gdk-pixbuf 0.22.0-11 (bookworm) |
| debian | gtk+2.0 | < gdk-pixbuf 0.22.0-11 (bookworm) | gdk-pixbuf 0.22.0-11 (bookworm) |
| gnome | gdk-pixbuf | >= 0 < 0.22.0-11 | 0.22.0-11 |
| gnome | gdk-pixbuf | >= 0 < 0.22.0-11 | 0.22.0-11 |
| gnome | gdk-pixbuf | >= 0 < 0.22.0-11 | 0.22.0-11 |
| gnome | gdk-pixbuf | >= 0 < 0.22.0-11 | 0.22.0-11 |
| gnome | gtk | < 2.8.7 | 2.8.7 |
CVSS provenance
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
osv7.8HIGH
vendor_debian7.8LOW
vendor_redhat7.8HIGH
vendor_ubuntu7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
GDK vulnerabilities
vendor_ubuntu·2005-11-16·CVSS 7.8
CVE-2005-2975 [HIGH] GDK vulnerabilities
Title: GDK vulnerabilities
Summary: GDK vulnerabilities
Two integer overflows have been discovered in the XPM image loader of
the GDK pixbuf library. By tricking an user into opening a specially
crafted XPM image with any Gnome desktop application that uses this
library, this could be exploited to execute arbitrary code with the
privileges of the user running the application.
(CVE-2005-2976, CVE-2005-3186)
Additionally, specially crafted XPM images could cause an endless loop
in the image loader, which could be exploited to cause applications
trying to open that image to hang. (CVE-2005-2975)
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-11-15·CVSS 7.8
CVE-2005-2975 [HIGH] security flaw
security flaw
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Debian
CVE-2005-2975: gdk-pixbuf - io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allo...
vendor_debian·2005·CVSS 7.8
CVE-2005-2975 [HIGH] CVE-2005-2975: gdk-pixbuf - io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allo...
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Scope: local
bookworm: resolved (fixed in 0.22.0-11)
bullseye: resolved (fixed in 0.22.0-11)
forky: resolved (fixed in 0.22.0-11)
sid: resolved (fixed in 0.22.0-11)
trixie: resolved (fixed in 0.22.0-11)
GHSA
GHSA-phx5-g4g8-gf47: io-xpm
ghsa_unreviewed·2022-05-01
CVE-2005-2975 [HIGH] GHSA-phx5-g4g8-gf47: io-xpm
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
OSV
CVE-2005-2975: io-xpm
osv·2005-11-18·CVSS 7.8
CVE-2005-2975 [HIGH] CVE-2005-2975: io-xpm
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-2975 security flaw
bugzilla·2018-08-16·CVSS 7.8
CVE-2005-2975 [HIGH] CVE-2005-2975 security flaw
CVE-2005-2975 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
---
Statement:
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Bugzilla
CVE-2005-2975 Multiple XPM processing issues (CVE-2005-2976)
bugzilla·2005-10-27·CVSS 7.8
CVE-2005-2975 [HIGH] CVE-2005-2975 Multiple XPM processing issues (CVE-2005-2976)
CVE-2005-2975 Multiple XPM processing issues (CVE-2005-2976)
These issues were reported by Ludwig Nussel of Suse.
When gdk-pixbuf processes a bad XPM file, it fails to verify that width * height
* colors doesn't cause an integer overflow.
Additionally gdk-pixbuf will enter an infinite loop if the number of colors
provided is very large, but not large enough to cause an integer overflow.
Discussion:
These issues should also affect RHEL2.1 and RHEL3.
---
Created attachment 120473
Patch for the integer overflow
---
Created attachment 120474
Fix for the large color DoS
---
Lifting embargo
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution
Bugzilla
CVE-2005-2975 gtk2 XPM DoS
bugzilla·2005-10-27·CVSS 7.8
CVE-2005-2975 [HIGH] CVE-2005-2975 gtk2 XPM DoS
CVE-2005-2975 gtk2 XPM DoS
This issue was reported by Ludwig Nussel of Suse.
gtk2 will enter an infinite loop if the number of colors provided is very large,
but not large enough to cause an integer overflow.
Created an attachment (id=120474)
Fix for the large color DoS
Discussion:
This issue also affects RHEL3
---
Lifting embargo
---
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2005-811.html
http://secunia.com/advisories/17522http://secunia.com/advisories/17538http://secunia.com/advisories/17562http://secunia.com/advisories/17588http://secunia.com/advisories/17591http://secunia.com/advisories/17592http://secunia.com/advisories/17594http://secunia.com/advisories/17615http://secunia.com/advisories/17657http://secunia.com/advisories/17710http://secunia.com/advisories/17770http://secunia.com/advisories/17791http://securitytracker.com/id?1015216http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdfhttp://www.debian.org/security/2005/dsa-911http://www.debian.org/security/2005/dsa-913http://www.gentoo.org/security/en/glsa/glsa-200511-14.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:214http://www.novell.com/linux/security/advisories/2005_65_gtk2.htmlhttp://www.redhat.com/support/errata/RHSA-2005-810.htmlhttp://www.redhat.com/support/errata/RHSA-2005-811.htmlhttp://www.securityfocus.com/archive/1/428052/100/0/threadedhttp://www.securityfocus.com/bid/15429http://www.ubuntu.com/usn/usn-216-1http://www.vupen.com/english/advisories/2005/2433https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697http://secunia.com/advisories/17522http://secunia.com/advisories/17538http://secunia.com/advisories/17562http://secunia.com/advisories/17588http://secunia.com/advisories/17591http://secunia.com/advisories/17592http://secunia.com/advisories/17594http://secunia.com/advisories/17615http://secunia.com/advisories/17657http://secunia.com/advisories/17710http://secunia.com/advisories/17770http://secunia.com/advisories/17791http://securitytracker.com/id?1015216http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdfhttp://www.debian.org/security/2005/dsa-911http://www.debian.org/security/2005/dsa-913http://www.gentoo.org/security/en/glsa/glsa-200511-14.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:214http://www.novell.com/linux/security/advisories/2005_65_gtk2.htmlhttp://www.redhat.com/support/errata/RHSA-2005-810.htmlhttp://www.redhat.com/support/errata/RHSA-2005-811.htmlhttp://www.securityfocus.com/archive/1/428052/100/0/threadedhttp://www.securityfocus.com/bid/15429http://www.ubuntu.com/usn/usn-216-1http://www.vupen.com/english/advisories/2005/2433https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9697
2005-11-18
Published