Vulnerabilities > CVE-2003-0541 - Unspecified vulnerability in Gnome Gtkhtml

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
gnome
nessus

Summary

gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.

Vulnerable Configurations

Part Description Count
Application
Gnome
1

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2003-093.NASL
    descriptionAlan Cox discovered that certain malformed messages could cause the Evolution mail component to crash due to a NULL pointer dereference in the GtkHTML library, versions prior to 1.1.0. The updated package provides a patched version of GtkHTML; versions of Mandrake Linux more recent than 9.0 do not require this fix as they already come with version 1.1.0.
    last seen2020-06-01
    modified2020-06-02
    plugin id14075
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14075
    titleMandrake Linux Security Advisory : gtkhtml (MDKSA-2003:093)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2003:093. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14075);
      script_version ("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      script_cve_id("CVE-2003-0541");
      script_xref(name:"MDKSA", value:"2003:093");
    
      script_name(english:"Mandrake Linux Security Advisory : gtkhtml (MDKSA-2003:093)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Alan Cox discovered that certain malformed messages could cause the
    Evolution mail component to crash due to a NULL pointer dereference in
    the GtkHTML library, versions prior to 1.1.0.
    
    The updated package provides a patched version of GtkHTML; versions of
    Mandrake Linux more recent than 9.0 do not require this fix as they
    already come with version 1.1.0."
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected gtkhtml, libgtkhtml20 and / or libgtkhtml20-devel
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:gtkhtml");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgtkhtml20");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libgtkhtml20-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2003/09/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"gtkhtml-1.0.4-4.1.90mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libgtkhtml20-1.0.4-4.1.90mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libgtkhtml20-devel-1.0.4-4.1.90mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-710.NASL
    descriptionAlan Cox discovered a problem in gtkhtml, an HTML rendering widget used by the Evolution mail reader. Certain malformed messages could cause a crash due to a NULL pointer dereference.
    last seen2020-06-01
    modified2020-06-02
    plugin id18080
    published2005-04-18
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18080
    titleDebian DSA-710-1 : gtkhtml - NULL pointer dereference
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-710. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(18080);
      script_version("1.21");
      script_cvs_date("Date: 2019/08/02 13:32:18");
    
      script_cve_id("CVE-2003-0541");
      script_xref(name:"DSA", value:"710");
    
      script_name(english:"Debian DSA-710-1 : gtkhtml - NULL pointer dereference");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Alan Cox discovered a problem in gtkhtml, an HTML rendering widget
    used by the Evolution mail reader. Certain malformed messages could
    cause a crash due to a NULL pointer dereference."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=279726"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.debian.org/security/2005/dsa-710"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the gtkhtml package and restart Evolution.
    
    For the stable distribution (woody) this problem has been fixed in
    version 1.0.2-1.woody1."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:gtkhtml");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/04/18");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/04/18");
      script_set_attribute(attribute:"vuln_publication_date", value:"2003/09/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"3.0", prefix:"gtkhtml", reference:"1.0.2-1.woody1")) flag++;
    if (deb_check(release:"3.0", prefix:"libgtkhtml-data", reference:"1.0.2-1.woody1")) flag++;
    if (deb_check(release:"3.0", prefix:"libgtkhtml-dev", reference:"1.0.2-1.woody1")) flag++;
    if (deb_check(release:"3.0", prefix:"libgtkhtml20", reference:"1.0.2-1.woody1")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    

Oval

accepted2007-04-25T19:52:16.578-04:00
classvulnerability
contributors
  • nameJay Beale
    organizationBastille Linux
  • nameJay Beale
    organizationBastille Linux
  • nameThomas R. Jones
    organizationMaitreya Security
descriptiongtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.
familyunix
idoval:org.mitre.oval:def:148
statusaccepted
submitted2003-09-10T12:00:00.000-04:00
titleEvolution GtkHTML DoS via null Pointer Dereference
version38

Redhat

advisories
rhsa
idRHSA-2003:264