CVE-2011-2485 - Unspecified vulnerability in Gnome Gdk-Pixbuf 2.22.1/2.23.3

CVSS 4.3 - MEDIUM
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: PARTIAL

Summary

The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.

Vulnerable Configurations

Part         Description  Count
Application  Gnome        3

Nessus

  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201206-20.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201206-20 (gdk-pixbuf: Denial of Service) Two vulnerabilities have been found in gdk-pixbuf: The
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59673
    published: 2012-06-25
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59673
    title: GLSA-201206-20 : gdk-pixbuf: Denial of Service
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 201206-20.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(59673);
      script_version("1.10");
      script_cvs_date("Date: 2018/07/11 17:09:26");
    
      script_cve_id("CVE-2011-2485", "CVE-2012-2370");
      script_bugtraq_id(48425, 53548);
      script_xref(name:"GLSA", value:"201206-20");
    
      script_name(english:"GLSA-201206-20 : gdk-pixbuf: Denial of Service");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-201206-20
    (gdk-pixbuf: Denial of Service)
    
        Two vulnerabilities have been found in gdk-pixbuf:
          The 'gdk_pixbuf__gif_image_load()' function in io-gif.c fails to
            properly handle certain return values from subroutines (CVE-2011-2485).
          The 'read_bitmap_file_data()' function in io-xbm.c contains an
            integer overflow error (CVE-2012-2370).
      
    Impact :
    
        A remote attacker could entice a user to open a specially crafted image
          in an application linked against gdk-pixbuf, possibly resulting in Denial
          of Service.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/201206-20"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All gdk-pixbuf users should upgrade to the latest version:
          # emerge --sync
          # emerge --ask --oneshot --verbose '>=x11-libs/gdk-pixbuf-2.24.1-r1'
        Packages which depend on this library may need to be recompiled. Tools
          such as revdep-rebuild may assist in identifying some of these packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:gdk-pixbuf");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2012/06/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/25");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"x11-libs/gdk-pixbuf", unaffected:make_list("ge 2.24.1-r1"), vulnerable:make_list("lt 2.24.1-r1"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gdk-pixbuf");
    }
    
  • NASL family: Windows
    NASL id: PIDGIN_2_9_0.NASL
    description: The version of Pidgin installed on the remote host is earlier than 2.9.0. As such, it is potentially affected by a denial of service vulnerability. The function
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55436
    published: 2011-06-27
    reporter: This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/55436
    title: Pidgin < 2.9.0 gdk_pixbuf__gif_image_load() Denial of Service
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2011-178-01.NASL
    description: New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55703
    published: 2011-07-28
    reporter: This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/55703
    title: Slackware 12.2 / 13.0 / 13.1 / 13.37 / current : pidgin (SSA:2011-178-01)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201206-11.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201206-11 (Pidgin: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Pidgin. Please review the CVE identifiers referenced below for details. Impact : These vulnerabilities allow for arbitrary file retrieval, Denial of Service and arbitrary code execution with the privileges of the user running Pidgin. Workaround : There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59649
    published: 2012-06-22
    reporter: This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59649
    title: GLSA-201206-11 : Pidgin: Multiple vulnerabilities
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2011-8672.NASL
    description: It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load() routine did not properly handle certain return values from their subroutines. A remote attacker could provide a specially crafted GIF image, which once opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf to return partially initialized pixbuf structure, possibly having huge width and height, leading to that particular application termination due excessive memory use. The CVE identifier of CVE-2011-2485 has been assigned to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55428
    published: 2011-06-27
    reporter: This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/55428
    title: Fedora 15 : gdk-pixbuf2-2.23.3-2.fc15 (2011-8672)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_GTK2-120605.NASL
    description: The following issue has been fixed : - Specially crafted GIF and XBM files could have crashed gtk2 (CVE-2012-2370 / CVE-2011-2485)
    last seen: 2020-06-05
    modified: 2013-01-25
    plugin id: 64153
    published: 2013-01-25
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64153
    title: SuSE 11.1 / 11.2 Security Update : gtk2 (SAT Patch Numbers 6389 / 6390)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_GTK2-8174.NASL
    description: The following issue has been fixed : - Specially crafted GIF and XBM files could have crashed gtk2. (CVE-2012-2370 / CVE-2011-2485)
    last seen: 2020-06-05
    modified: 2012-07-06
    plugin id: 59855
    published: 2012-07-06
    reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59855
    title: SuSE 10 Security Update : gtk2 (ZYPP Patch Number 8174)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2011-8667.NASL
    description: It was found that gdk-pixbuf GIF image loader gdk_pixbuf__gif_image_load() routine did not properly handle certain return values from their subroutines. A remote attacker could provide a specially crafted GIF image, which once opened in an application, linked against gdk-pixbuf would lead to gdk-pixbuf to return partially initialized pixbuf structure, possibly having huge width and height, leading to that particular application termination due excessive memory use. The CVE identifier of CVE-2011-2485 has been assigned to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 55871
    published: 2011-08-17
    reporter: This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/55871
    title: Fedora 14 : gdk-pixbuf2-2.22.0-2.fc14 (2011-8667)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_11_GDK-PIXBUF-120531.NASL
    description: This update of gdk-pixbuf fixes multiple buffer overflows that could have caused a crash or potentially have allowed heap corruptions. (CVE-2011-2485 / CVE-2012-2370 / CVE-2011-2897)
    last seen: 2020-06-05
    modified: 2013-01-25
    plugin id: 64145
    published: 2013-01-25
    reporter: This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/64145
    title: SuSE 11.1 Security Update : gdk-pixbuf (SAT Patch Number 6367)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_GDK-PIXBUF-8158.NASL
    description: This update of gdk-pixbuf fixes multiple buffer overflows that could have caused a crash or potentially have allowed heap corruptions. (CVE-2011-2485 / CVE-2012-2370 / CVE-2011-2897)
    last seen: 2020-06-05
    modified: 2012-07-06
    plugin id: 59854
    published: 2012-07-06
    reporter: This script is Copyright (C) 2012-2020 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/59854
    title: SuSE 10 Security Update : gdk-pixbuf (ZYPP Patch Number 8158)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRIVA_MDVSA-2011-132.NASL
    description: Multiple vulnerabilities has been identified and fixed in pidgin : It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Using this structure, possibly containing a huge width and height, could lead to the application being terminated due to excessive memory use (CVE-2011-2485). Certain characters in the nicknames of IRC users can trigger a NULL pointer dereference in the IRC protocol plugin
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 56109
    published: 2011-09-07
    reporter: This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/56109
    title: Mandriva Linux Security Advisory : pidgin (MDVSA-2011:132-1)