CentOS 3 / 4 : gdk-pixbuf (CESA-2005:343)

medium Nessus Plugin ID 21806

Synopsis

The remote CentOS host is missing one or more security updates.

Description

Updated gdk-pixbuf packages that fix a double free vulnerability are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment.

A bug was found in the way gdk-pixbuf processes BMP images. It is possible that a specially crafted BMP image could cause a denial of service attack on applications linked against gdk-pixbuf. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0891 to this issue.

Users of gdk-pixbuf are advised to upgrade to these packages, which contain a backported patch and is not vulnerable to this issue.

Solution

Update the affected gdk-pixbuf packages.

See Also

http://www.nessus.org/u?58cd6a12

http://www.nessus.org/u?1ffa0544

http://www.nessus.org/u?4d0f3e02

http://www.nessus.org/u?ad2a194d

http://www.nessus.org/u?19385042

Plugin Details

Severity: Medium

ID: 21806

File Name: centos_RHSA-2005-343.nasl

Version: 1.20

Type: local

Agent: unix

Published: 7/3/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:centos:centos:gdk-pixbuf-devel, cpe:/o:centos:centos:3, p-cpe:/a:centos:centos:gdk-pixbuf-gnome, cpe:/o:centos:centos:4, p-cpe:/a:centos:centos:gdk-pixbuf

Required KB Items: Host/local_checks_enabled, Host/CentOS/release, Host/CentOS/rpm-list

Patch Publication Date: 4/5/2005

Vulnerability Publication Date: 5/2/2005

Reference Information

CVE: CVE-2005-0891

CWE: 119

RHSA: 2005:343