Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> SuSE Local Security Checks >> SUSE-SA:2005:065: gtk2, gdk-pixbuf


Vulnerability Assessment Details

SUSE-SA:2005:065: gtk2, gdk-pixbuf

Vulnerability Assessment Summary
Check for the version of the gtk2, gdk-pixbuf package

Detailed Explanation for this Vulnerability Assessment

The remote host is missing the patch for the advisory SUSE-SA:2005:065 (gtk2, gdk-pixbuf).


The image loading library of the gdk-pixbug/gtk2 package is vulnerable
to several security-related bugs. This makes every application (mostly
GNOME applications) which is linked against this library vulnerable too.

A carefully crafted XPM file can be used to execute arbitrary code while
processing the image file. (CVE-2005-3186)

Additionally Ludwig Nussel from the SuSE Security-Team discovered an
integer overflow bug that can be used to execute arbitray code too
(CVE-2005-2976), and an infinite loop which leads to a denial-of-service
bug. (CVE-2005-2975)


Solution : http://www.suse.de/security/advisories/2005_65_gtk2.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors

Lot of (136) 30-1410-03 Cisco 1Gbps RJ45 Connector SFP Transceiver Module
$2040.0
Lot of (136) 30-1410-03 Cisco 1Gbps RJ45 Connector SFP Transceiver Module pictureCisco UCS 6248UP Fabric Interconnect Managed Switch UCS-FI-6248UP (7247516)
$250.0
Cisco UCS 6248UP Fabric Interconnect Managed Switch UCS-FI-6248UP (7247516) pictureCisco MERAKI MR12 Access Point 802.11n 300 Mbps No power cord
$34.95
Cisco MERAKI MR12 Access Point 802.11n 300 Mbps No power cord  pictureCISCO UCS C24 M3 SERVER TWO E5-2430 2.20GHZ 64GB NO HDD
$1099.0
CISCO UCS C24 M3 SERVER TWO E5-2430 2.20GHZ 64GB NO HDD picture


Discussions

No Discussions have been posted on this vulnerability.