CVE-2004-0753

The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.

Weakness

The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Affected Software

Name	Vendor	Start Version	End Version
Gdkpixbuf	Gnome	0.17 (including)	0.17 (including)
Gdkpixbuf	Gnome	0.18 (including)	0.18 (including)
Gdkpixbuf	Gnome	0.20 (including)	0.20 (including)
Gdkpixbuf	Gnome	0.22 (including)	0.22 (including)
Gtk	Gnome	2.0.0 (including)	2.2.4 (excluding)

References

http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000875
http://secunia.com/advisories/17657
http://www.debian.org/security/2004/dsa-546
http://www.kb.cert.org/vuls/id/825374
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:095
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214
http://www.redhat.com/support/errata/RHSA-2004-447.html
http://www.redhat.com/support/errata/RHSA-2004-466.html
http://www.securityfocus.com/archive/1/419771/100/0/threaded
http://www.securityfocus.com/bid/11195
https://bugzilla.fedora.us/show_bug.cgi?id=2005
https://exchange.xforce.ibmcloud.com/vulnerabilities/17383
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10585

NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0753
CWE	https://cwe.mitre.org/data/definitions/835.html

Loop with Unreachable Exit Condition ('Infinite Loop')

Weakness

Affected Software

References