Slashdot Mirror

← Back to Stories (view on slashdot.org)

GdkPixbuf Suffers Image Decoding Vulnerabilities

Posted by CowboyNeal on Thursday September 16, 2004 @10:45AM from the heads-up dept.

DNAspark99 writes "It seems Multiple vulnerabilities have been reported in GdkPixbuf, which can be exploited by malicious people to DoS (Denial of Service), and potentially compromise a vulnerable system. Personally, I wasn't concerned about this until I ran 'ldd firefox-bin | grep libgdk_pixbuf'" There's no official patch yet, but the article notes several Linux vendors have issued updates. Worth keeping an eye for those who use libgdk_pixbuf under other Unix-style operating systems as well.

2 of 291 comments (clear)

Min score:

Reason:

Sort:

Re:Not exploitable in Firefox by Kenja · 2004-09-16 11:02 · Score: 0, Flamebait

check me on this, but dont "from-the-network" images get downloaded to cache and then opened? If so then gdk-pixbuf would still be used to load the local cached image for display.

--

"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
Re:Not exploitable in Firefox by poot_rootbeer · 2004-09-16 11:18 · Score: 0, Flamebait

So Firefox doesn't ever save an image file that was HTTP'd off the network to a cache directory and load it from disk as needed?