Detections
Analytics
CentOS 3 / 4 : gdk-pixbuf (CESA-2005:343)
medium Nessus Plugin ID 21806
Synopsis
The remote CentOS host is missing one or more security updates.Description
Updated gdk-pixbuf packages that fix a double free vulnerability are now available.This update has been rated as having important security impact by the Red Hat Security Response Team.
The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment.
A bug was found in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack on applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0891 to this issue.
Users of gdk-pixbuf are advised to upgrade to these packages, which contain a backported patch and is not vulnerable to this issue.
Solution
Update the affected gdk-pixbuf packages.See Also
http://www.nessus.org/u?58cd6a12
http://www.nessus.org/u?1ffa0544
http://www.nessus.org/u?4d0f3e02
Plugin Details
Severity: Medium
ID: 21806
File Name: centos_RHSA-2005-343.nasl
Version: 1.20
Type: local
Agent: unix
Family: CentOS Local Security Checks
Published: 7/3/2006
Updated: 1/4/2021
Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: p-cpe:/a:centos:centos:gdk-pixbuf-devel, cpe:/o:centos:centos:3, p-cpe:/a:centos:centos:gdk-pixbuf-gnome, cpe:/o:centos:centos:4, p-cpe:/a:centos:centos:gdk-pixbuf
Required KB Items: Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list
Patch Publication Date: 4/5/2005
Vulnerability Publication Date: 5/2/2005
Reference Information
CVE: CVE-2005-0891