The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gdkpixbuf | Gnome | 0.17 (including) | 0.17 (including) |
Gdkpixbuf | Gnome | 0.18 (including) | 0.18 (including) |
Gdkpixbuf | Gnome | 0.20 (including) | 0.20 (including) |
Gdkpixbuf | Gnome | 0.22 (including) | 0.22 (including) |
Gtk | Gnome | 2.0.0 (including) | 2.2.4 (excluding) |
Red Hat Enterprise Linux 3 | RedHat | gdk-pixbuf-1:0.22.0-11.3.3 | * |
Red Hat Enterprise Linux 3 | RedHat | gtk2-0:2.2.4-8.1 | * |
Gdk-pixbuf | Ubuntu | dapper | * |
Gdk-pixbuf | Ubuntu | devel | * |
Gdk-pixbuf | Ubuntu | edgy | * |
Gdk-pixbuf | Ubuntu | feisty | * |