CVE-2004-0753
CVSS5.0
发布时间 :2004-10-20 00:00:00
修订时间 :2010-08-21 00:21:12
NMCOS    

[原文]The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.


[CNNVD]GDK-Pixbuf多个安全漏洞(CNNVD-200410-060)

        
        gdk-pixbuf是Gtk使用的一个库。
        gdk-pixbuf存在多个问题,远程攻击者可以利用这个漏洞进行拒绝服务或缓冲区溢出攻击。
        第一个问题(CAN-2004-0753)是在尝试对BMP图象进行解码时,在部分条件下,库会进入无限循环,消耗大量CPU资源。
        第二和第三个问题是当库对XPM图象进行解码时,特殊构建的图象文件可导致使用此库的应用程序崩溃或可能执行用户提供的代码。
        第四个和最后一个漏洞是在尝试解析ICO图象时,特殊的ICO文件可导致应用程序崩溃。
        

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:gnome:gdkpixbuf:0.20
cpe:/a:gtk:gtk%2B:2.0.6
cpe:/a:gtk:gtk%2B:2.2.3
cpe:/a:gtk:gtk%2B:2.2.1
cpe:/a:gnome:gdkpixbuf:0.18
cpe:/a:gnome:gdkpixbuf:0.17
cpe:/a:gtk:gtk%2B:2.2.4
cpe:/a:gtk:gtk%2B:2.0.2
cpe:/a:gnome:gdkpixbuf:0.22

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10585The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infin...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0753
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0753
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200410-060
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/825374
(UNKNOWN)  CERT-VN  VU#825374
http://www.redhat.com/support/errata/RHSA-2004-466.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:466
http://www.redhat.com/support/errata/RHSA-2004-447.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2004:447
https://bugzilla.fedora.us/show_bug.cgi?id=2005
(UNKNOWN)  FEDORA  FLSA:2005
http://xforce.iss.net/xforce/xfdb/17383
(UNKNOWN)  XF  gtk-bmp-dos(17383)
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
(UNKNOWN)  MANDRAKE  MDKSA-2004:095
http://www.debian.org/security/2004/dsa-546
(UNKNOWN)  DEBIAN  DSA-546
http://www.securityfocus.com/bid/11195
(UNKNOWN)  BID  11195
http://www.securityfocus.com/archive/1/archive/1/419771/100/0/threaded
(UNKNOWN)  FEDORA  FLSA-2005:155510
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
(UNKNOWN)  MANDRIVA  MDKSA-2005:214
http://secunia.com/advisories/17657
(UNKNOWN)  SECUNIA  17657
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000875
(UNKNOWN)  CONECTIVA  CLA-2004:875

- 漏洞信息

GDK-Pixbuf多个安全漏洞
中危 设计错误
2004-10-20 00:00:00 2010-04-02 00:00:00
远程※本地  
        
        gdk-pixbuf是Gtk使用的一个库。
        gdk-pixbuf存在多个问题,远程攻击者可以利用这个漏洞进行拒绝服务或缓冲区溢出攻击。
        第一个问题(CAN-2004-0753)是在尝试对BMP图象进行解码时,在部分条件下,库会进入无限循环,消耗大量CPU资源。
        第二和第三个问题是当库对XPM图象进行解码时,特殊构建的图象文件可导致使用此库的应用程序崩溃或可能执行用户提供的代码。
        第四个和最后一个漏洞是在尝试解析ICO图象时,特殊的ICO文件可导致应用程序崩溃。
        

- 公告与补丁

        厂商补丁:
        Debian
        ------
        Debian已经为此发布了安全公告(DSA-549-1、DSA-546-1)以及相应补丁:
        DSA-549-1:New gtk+2.0 packages fix several vulnerabilities
        链接:
        http://www.debian.org/security/2002/dsa-549

        DSA-546-1:New gdk-pixbuf packages fix several vulnerabilities
        链接:
        http://www.debian.org/security/2002/dsa-546

        补丁下载:
        Source archives:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2-5woody2.dsc

        Size/MD5 checksum: 863 e1fb1114b9e8a2a41696f9ce87e63695
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2-5woody2.diff.gz

        Size/MD5 checksum: 46831 2efce3a3481974044c1a6a1011954f18
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk+2.0_2.0.2.orig.tar.gz

        Size/MD5 checksum: 7835836 dc80381b84458d944c5300a1672c099c
        Architecture independent components:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-doc_2.0.2-5woody2_all.deb

        Size/MD5 checksum: 1378706 d2d6f488c0a77c93ed5a8fd151741543
        Alpha architecture:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 220806 d754d0cecc3f82d64be319c55dff5c8e
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 1102 d3ccf8d6e3b666f6dc71c35f20a6cb77
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 1585238 13f238596d197ad27933c3f3e27269f7
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 595896 57264f5be6eb488ea9607cd2f7058e08
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 5878498 0ffc094ffe8ef6fdd11b38484ea90477
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody2_alpha.deb

        Size/MD5 checksum: 178322 14de2746abdb546a703aeec243e28a12
        ARM architecture:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 214610 c2a2b4874321a68a912afcac8efe4432
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 1106 d78aba4e1a787ac217dc055dc8e5d77a
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 1419902 92ed65acd376e565968d534df0e56b4f
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 595286 a8f465878ea70bb232fc4fc7d460462d
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 2904044 843cba67b1831b001b9186c11d7d5c72
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody2_arm.deb

        Size/MD5 checksum: 177272 f02861b5aa96ea782f041db0ba00fe11
        Intel IA-32 architecture:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 214932 abd81a3388a82c15364189b0321c931a
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 1102 6a63e94e140d45afd8d30f1a6aeaf4fa
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 1289428 a1f0196674f1556a9700a29912ed4b77
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 595384 485b9ec09c0ddfa5564b25c2fcec58f7
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dbg_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 2722306 a59b27568500db9dcd8a2ffbf2866f2b
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-dev_2.0.2-5woody2_i386.deb

        Size/MD5 checksum: 177140 245e88cb2addad57e7273b76fb145930
        Intel IA-64 architecture:
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/gtk2.0-examples_2.0.2-5woody2_ia64.deb

        Size/MD5 checksum: 230652 df3f392fc1d8f749134f03413e6b07b3
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk-common_2.0.2-5woody2_ia64.deb

        Size/MD5 checksum: 1098 9f692a19e0d16699852bf7c16de2a05b
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-0_2.0.2-5woody2_ia64.deb

        Size/MD5 checksum: 2076782 8b4e1e4a232881916a2da1f39f3bff18
        
        http://security.debian.org/pool/updates/main/g/gtk+2.0/libgtk2.0-common_2.0.2-5woody2_ia64.deb

        Size/MD5 checksum: 596736 fbaedfd29974d78a92de77666be3ca6a
        

- 漏洞信息

9996
GdkPixbuf BMP Processor DoS
Denial of Service
Loss of Availability

- 漏洞描述

Unknown or Incomplete

- 时间线

2004-09-16 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

GDK-Pixbuf Multiple Vulnerabilities
Design Error 11195
Yes Yes
2004-09-15 12:00:00 2006-05-09 02:04:00
These vulnerabilities were disclosed by Chris Evans.

- 受影响的程序版本

X.org X11R6 6.8
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Java Desktop System (JDS) 2.0
Sun Java Desktop System (JDS) 2003
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Desktop 1.0
S.u.S.E. Linux 8.1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
Mandriva Linux Mandrake 9.2 amd64
Mandriva Linux Mandrake 9.2
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 2.1 x86_64
MandrakeSoft Corporate Server 2.1
GTK GTK+ 2.4.1
GTK GTK+ 2.2.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GTK GTK+ 2.2.3
GTK GTK+ 2.2.1
GTK GTK+ 2.0.6
GTK GTK+ 2.0.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
GNOME GdkPixbuf 0.22
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GNOME GdkPixbuf 0.20
GNOME GdkPixbuf 0.18
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
GNOME GdkPixbuf 0.17
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Conectiva Linux 10.0
Conectiva Linux 9.0

- 漏洞讨论

Multiple vulnerabilities have been reported in gdk-pixbuf.

The first vulnerability in the library presents itself when the library tries to decode BMP images. In certain circumstances, the library may enter into an infinite loop and consume CPU resources, thus halting further execution of applications using the library.

The second and third vulnerabilities occur when the library tries to decode XPM images. Specially crafted image files could either crash applications using the affected library, or allow for the execution of attacker-supplied code.

The fourth and last vulnerability occurs when the library tries to decode ICO images. Specially crafted ICO files could cause applications to crash.

These vulnerabilities allow attackers to crash applications or to execute arbitrary code in the context of applications that use the affected library.

- 漏洞利用

Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- 解决方案


Please see the referenced advisories for further details.


Sun Solaris 8_sparc

Sun Java Desktop System (JDS) 2003

Sun Solaris 9

Sun Solaris 9_x86 Update 2

Sun Solaris 9_x86

Sun Solaris 8_x86

GNOME GdkPixbuf 0.17

GNOME GdkPixbuf 0.18

GNOME GdkPixbuf 0.22

Sun Java Desktop System (JDS) 2.0

GTK GTK+ 2.0.2

GTK GTK+ 2.0.6

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站