FreeBSD : kdelibs -- kimgio input validation errors (06404241-b306-11d9-a788-0001020eed82)

high Nessus Plugin ID 18828

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

A KDE Security Advisory reports :

kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to execute arbitrary code.

Impact: Remotely supplied, specially crafted image files can be used to execute arbitrary code.

Solution

Update the affected package.

See Also

https://bugs.kde.org/102328

https://www.kde.org/info/security/advisory-20050421-1.txt

http://www.nessus.org/u?b246f618

Plugin Details

Severity: High

ID: 18828

File Name: freebsd_pkg_06404241b30611d9a7880001020eed82.nasl

Version: 1.17

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:kdelibs, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 4/22/2005

Vulnerability Publication Date: 4/21/2005

Reference Information

CVE: CVE-2005-1046