CVE-2007-0010
published 2007-01-24CVE-2007-0010: The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a…
PriorityP411low2.1CVSS 2.0
AVLACLAuNCNINAP
EXPLOIT
EPSS
0.90%
55.3th percentile
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gtk+2.0 | < gtk+2.0 2.8.20-5 (bookworm) | gtk+2.0 2.8.20-5 (bookworm) |
| gnome | gtk | < 2.4.13 | 2.4.13 |
CVSS provenance
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
osv2.1LOW
vendor_debian2.1LOW
vendor_redhat2.1LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
GTK vulnerability
vendor_ubuntu·2007-02-01
CVE-2007-0010 GTK vulnerability
Title: GTK vulnerability
Summary: GTK vulnerability
A flaw was discovered in the error handling of GTK's image loading
library. Applications opening certain corrupted images could be made to
crash, causing a denial of service.
Instructions: After a standard system upgrade you need to restart your session to
effect the necessary changes.
Red Hat
security flaw
vendor_redhat·2007-01-10·CVSS 2.1
CVE-2007-0010 [LOW] security flaw
security flaw
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
Statement: Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Debian
CVE-2007-0010: gtk+2.0 - The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.1...
vendor_debian·2007·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010: gtk+2.0 - The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.1...
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
Scope: local
bookworm: resolved (fixed in 2.8.20-5)
bullseye: resolved (fixed in 2.8.20-5)
forky: resolved (fixed in 2.8.20-5)
sid: resolved (fixed in 2.8.20-5)
trixie: resolved (fixed in 2.8.20-5)
GHSA
GHSA-p8m8-7wqx-pmvj: The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2
ghsa_unreviewed·2022-05-01
CVE-2007-0010 [LOW] GHSA-p8m8-7wqx-pmvj: The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
OSV
CVE-2007-0010: The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2
osv·2007-01-24·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010: The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
No detection rules found.
Exploit-DB
Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation
exploitdb·2007-01-29
CVE-2007-0467 Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation
Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation
---
#!/usr/bin/ruby
# Copyright (c) 2007 Kevin Finisterre
# Lance M. Havok
# All pwnage reserved.
#
# 1) Stop crashdump from writing to ~/Library/Logs via chmod 000 ~/Library/Logs/CrashReporter
# 2) Make symlink to /Library/Logs/CrashReporter/knownprog.crash.log
# 3) Create a program with a modified __LINKEDIT segment that influences crashreporter output
#
# 0000320: 3800 0000 5f5f 4c49 4e4b 4544 4954 0000 8...__LINKEDIT..
# 0000330: 0000 0000 0040 0000 0010 0000 0030 0000 [email protected]..
# 0000340: 2004 0000 0300 0000 0100 0000 0000 0000 ...............
# 0000350: 0400 0000 0e00 0000 1c00 0000 0c00 0000 ................
# 0000360: 2f75 7372 2f6c 6962 2f64 796c 6400 0000 /usr/lib/dyld...
# 0000370: 0c00 0000 3400 000
Exploit-DB
GTK2 GDKPixBufLoader - Remote Denial of Service
exploitdb·2007-01-24
CVE-2007-0010 GTK2 GDKPixBufLoader - Remote Denial of Service
GTK2 GDKPixBufLoader - Remote Denial of Service
---
source: https://www.securityfocus.com/bid/22209/info
Applications using the gtk2 library may be prone to a denial-of-service vulnerability because the library fails to handle malformed image data.
An attacker can exploit this issue to crash applications on a victim's computer.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29520.mbox
Bugzilla
CVE-2022-50068 kernel: drm/ttm: Fix dummy res NULL ptr deref bug
bugzilla·2025-06-18·CVSS 5.5
CVE-2022-50068 [MEDIUM] CVE-2022-50068 kernel: drm/ttm: Fix dummy res NULL ptr deref bug
CVE-2022-50068 kernel: drm/ttm: Fix dummy res NULL ptr deref bug
In the Linux kernel, the following vulnerability has been resolved:
drm/ttm: Fix dummy res NULL ptr deref bug
Check the bo->resource value before accessing the resource
mem_type.
v2: Fix commit description unwrapped warning
[ 40.191227][ T184] general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI
[ 40.192995][ T184] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[ 40.194411][ T184] CPU: 1 PID: 184 Comm: systemd-udevd Not tainted 5.19.0-rc4-00721-gb297c22b7070 #1
[ 40.196063][ T184] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-4 04/01/2014
[ 40.199605][ T184] RIP: 0010:ttm_bo_validate+0x1b3/0x240 [ttm]
[ 40.2007
Bugzilla
CVE-2007-0010 security flaw
bugzilla·2018-08-16·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010 security flaw
CVE-2007-0010 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
---
Statement:
Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Bugzilla
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
bugzilla·2006-12-10·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
+++ This bug was initially created as a clone of Bug #218755 +++
Description of problem:
evolution crashes on the spam mail I'll attach as mbox; the crash may well turn
out to be a security issue in itself. But just crashing is serious since the
next time evo opens it immediately goes back to the same mail and crashes again,
so a non-expert user cannot recover from this.
I suspect RHEL5 is affected too
-- Additional comment from [email protected] on 2006-12-07 06:07 EST --
Created an attachment (id=143043)
mbox with the crashing mail
-- Additional comment from [email protected] on 2006-12-08 10:08 EST --
The file "navigable.gif" is incorrectly encoded. I think evolution should not
feed underl
Bugzilla
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
bugzilla·2006-12-08·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
+++ This bug was initially created as a clone of Bug #218755 +++
Description of problem:
evolution crashes on the spam mail I'll attach as mbox; the crash may well turn
out to be a security issue in itself. But just crashing is serious since the
next time evo opens it immediately goes back to the same mail and crashes again,
so a non-expert user cannot recover from this.
I suspect RHEL5 is affected too
-- Additional comment from [email protected] on 2006-12-07 06:07 EST --
Created an attachment (id=143043)
mbox with the crashing mail
-- Additional comment from [email protected] on 2006-12-08 10:08 EST --
The file "navigable.gif" is incorrectly encoded. I think evolution should not
feed underl
Bugzilla
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
bugzilla·2006-12-08·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
+++ This bug was initially created as a clone of Bug #218755 +++
Description of problem:
evolution crashes on the spam mail I'll attach as mbox; the crash may well turn
out to be a security issue in itself. But just crashing is serious since the
next time evo opens it immediately goes back to the same mail and crashes again,
so a non-expert user cannot recover from this.
I suspect RHEL5 is affected too
-- Additional comment from [email protected] on 2006-12-07 06:07 EST --
Created an attachment (id=143043)
mbox with the crashing mail
-- Additional comment from [email protected] on 2006-12-08 10:08 EST --
The file "navigable.gif" is incorrectly encoded. I think evolution should not
feed underl
Bugzilla
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
bugzilla·2006-12-07·CVSS 2.1
CVE-2007-0010 [LOW] CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
CVE-2007-0010 GdbPixbufLoader fails to handle invalid input from Evolution correctly
Description of problem:
evolution crashes on the spam mail I'll attach as mbox; the crash may well turn
out to be a security issue in itself. But just crashing is serious since the
next time evo opens it immediately goes back to the same mail and crashes again,
so a non-expert user cannot recover from this.
I suspect RHEL5 is affected too
Discussion:
Created attachment 143043
mbox with the crashing mail
---
The file "navigable.gif" is incorrectly encoded. I think evolution should not
feed underlying gdk with the corrupted data, but I doubt an assertion failure
there is the right way to handle the faulty gif.
When you extract the file (with reformime or evolution) and either try to view
it with fir
http://osvdb.org/31621http://secunia.com/advisories/23884http://secunia.com/advisories/23933http://secunia.com/advisories/23935http://secunia.com/advisories/23984http://secunia.com/advisories/24006http://secunia.com/advisories/24010http://secunia.com/advisories/24095http://securitytracker.com/id?1017552http://www.mandriva.com/security/advisories?name=MDKSA-2007:039http://www.novell.com/linux/security/advisories/2007_02_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0019.htmlhttp://www.securityfocus.com/bid/22209http://www.ubuntu.com/usn/usn-415-1http://www.vupen.com/english/advisories/2007/0331https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218932https://issues.rpath.com/browse/RPL-984https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10325https://www.debian.org/security/2007/dsa-1256http://osvdb.org/31621http://secunia.com/advisories/23884http://secunia.com/advisories/23933http://secunia.com/advisories/23935http://secunia.com/advisories/23984http://secunia.com/advisories/24006http://secunia.com/advisories/24010http://secunia.com/advisories/24095http://securitytracker.com/id?1017552http://www.mandriva.com/security/advisories?name=MDKSA-2007:039http://www.novell.com/linux/security/advisories/2007_02_sr.htmlhttp://www.redhat.com/support/errata/RHSA-2007-0019.htmlhttp://www.securityfocus.com/bid/22209http://www.ubuntu.com/usn/usn-415-1http://www.vupen.com/english/advisories/2007/0331https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=218932https://issues.rpath.com/browse/RPL-984https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10325https://www.debian.org/security/2007/dsa-1256
2007-01-24
Published