// For flags

CVE-2005-2976

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-09-19 CVE Reserved
  • 2005-11-18 CVE Published
  • 2024-08-07 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (25)
URL Tag Source
http://securitytracker.com/id?1015216 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2005-229.pdf Third Party Advisory
http://www.securityfocus.com/bid/15428 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11370 Broken Link
URL Date SRC
URL Date SRC
http://www.redhat.com/support/errata/RHSA-2005-810.html 2023-08-03
URL Date SRC
http://secunia.com/advisories/17522 2023-08-03
http://secunia.com/advisories/17538 2023-08-03
http://secunia.com/advisories/17562 2023-08-03
http://secunia.com/advisories/17592 2023-08-03
http://secunia.com/advisories/17594 2023-08-03
http://secunia.com/advisories/17615 2023-08-03
http://secunia.com/advisories/17657 2023-08-03
http://secunia.com/advisories/17710 2023-08-03
http://secunia.com/advisories/17770 2023-08-03
http://secunia.com/advisories/17791 2023-08-03
http://www.debian.org/security/2005/dsa-911 2023-08-03
http://www.debian.org/security/2005/dsa-913 2023-08-03
http://www.gentoo.org/security/en/glsa/glsa-200511-14.xml 2023-08-03
http://www.mandriva.com/security/advisories?name=MDKSA-2005:214 2023-08-03
http://www.novell.com/linux/security/advisories/2005_65_gtk2.html 2023-08-03
http://www.securityfocus.com/archive/1/428052/100/0/threaded 2023-08-03
http://www.ubuntu.com/usn/usn-216-1 2023-08-03
http://www.vupen.com/english/advisories/2005/2433 2023-08-03
https://access.redhat.com/security/cve/CVE-2005-2976 2005-11-15
https://bugzilla.redhat.com/show_bug.cgi?id=1617772 2005-11-15
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Gnome
Search vendor "Gnome"
 Gdkpixbuf
Search vendor "Gnome" for product "Gdkpixbuf"
 0.22
Search vendor "Gnome" for product "Gdkpixbuf" and version "0.22"
-
Affected
Gnome
Search vendor "Gnome"
 Gtk
Search vendor "Gnome" for product "Gtk"
 < 2.8.7
Search vendor "Gnome" for product "Gtk" and version " < 2.8.7"
-
Affected