1. CVE-Search
  2. CVE-2004-0111
ID CVE-2004-0111
Summary gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:gdkpixbuf:0.18:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:gdkpixbuf:0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:gdkpixbuf:0.20:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:gdkpixbuf:0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386:*:*:*:*:*
    cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386:*:*:*:*:*
  • cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_dev:*:*:*:*:*
    cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_dev:*:*:*:*:*
  • cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_gnome:*:*:*:*:*
    cpe:2.3:a:redhat:gdk_pixbuf:0.18.0-7:*:i386_gnome:*:*:*:*:*
  • cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:2.1:*:advanced_server:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:2.1:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:2.1:*:workstation:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:3.0:*:advanced_servers:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:3.0:*:enterprise_server:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:3.0:*:workstation:*:*:*:*:*
  • cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
    cpe:2.3:o:redhat:linux_advanced_workstation:2.1:*:itanium_processor:*:*:*:*:*
CVSS
Base: 5.0 (as of 10-10-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
  • accepted 2007-04-25T19:52:59.778-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
    family unix
    id oval:org.mitre.oval:def:845
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat Enterprise 3 gdk-pixbuf Denial of Service
    version 38
  • accepted 2007-04-25T19:52:59.959-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Matt Busby
      organization The MITRE Corporation
    • name Thomas R. Jones
      organization Maitreya Security
    description gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
    family unix
    id oval:org.mitre.oval:def:846
    status accepted
    submitted 2004-03-20T12:00:00.000-04:00
    title Red Hat gdk-pixbuf Denial of Service
    version 38
redhat via4
advisories
  • rhsa
    id RHSA-2004:102
  • rhsa
    id RHSA-2004:103
rpms
  • gdk-pixbuf-1:0.22.0-6.1.1
  • gdk-pixbuf-debuginfo-1:0.22.0-6.1.1
  • gdk-pixbuf-devel-1:0.22.0-6.1.1
  • gdk-pixbuf-gnome-1:0.22.0-6.1.1
refmap via4
bid 9842
debian DSA-464
fedora FLSA:2005
mandrake MDKSA-2004:020
xf gdk-pixbuf-bitmap-dos(15426)
Last major update 10-10-2017 - 01:30
Published 15-04-2004 - 04:00
Last modified 10-10-2017 - 01:30
Back to Top