GTK+ Multiple DLL Loading Arbitrary Code Execution Vulnerabilities

Bugtraq ID: 49449
Class: Design Error
CVE: CVE-2010-4831
CVE-2010-4833
Remote: Yes
Local: No
Published: Sep 09 2011 12:00AM
Updated: Apr 13 2015 09:05PM
Credit: Naoto Katsumi of LAC Co., Ltd
Vulnerable: GTK GTK+ 2.18.5
GTK GTK+ 2.18.4
GTK GTK+ 2.8.6
GTK GTK+ 2.8.3
GTK GTK+ 2.6.7
GTK GTK+ 2.6.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 amd64
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
GTK GTK+ 2.4.14
GTK GTK+ 2.4.13
GTK GTK+ 2.4.10
GTK GTK+ 2.4.9
GTK GTK+ 2.4.1
GTK GTK+ 2.2.4
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ Mandriva Linux Mandrake 10.1 x86_64
+ Mandriva Linux Mandrake 10.1
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
GTK GTK+ 2.2.3
GTK GTK+ 2.2.1
GTK GTK+ 2.0.6
GTK GTK+ 2.0.2
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
GTK GTK+ 2.10.3
Not Vulnerable: GTK GTK+ 2.24


 

Privacy Statement
Copyright 2010, SecurityFocus