-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
--------------------------------------------------------------------------
Turbolinux Security Advisory TLSA-2006-8
http://www.turbolinux.co.jp/security/
security-team@turbolinux.co.jp
--------------------------------------------------------------------------
Original released date: 22 Jun 2006
Last revised: 22 Jun 2006
Package: kdegraphics
Summary: Heap-based buffer overflow
More information:
Graphic applications for the K Desktop Environment.
A Heap-based buffer overflow vulnerability exists in kdegraphics.
Impact:
This vulnerability may allow remote attackers to execute arbitrary
code via malformed XPM image files.
Affected Products:
- Turbolinux FUJI
<Turbolinux FUJI>
Source Packages
Size: MD5
kdegraphics-3.4.2-6.src.rpm
6596359 bf044b7d3d7b352853309e7feb43d485
Binary Packages
Size: MD5
kdegraphics-3.4.2-6.i686.rpm
7759919 17c7184859309fd86bd004df9f3946cc
References:
KDE Security Advisory
[advisory-20051207-1.txt]
http://www.kde.org/info/security/advisory-20051207-1.txt
[advisory-20051207-2.txt]
http://www.kde.org/info/security/advisory-20051207-2.txt
CVE
[
CAN-2005-3193]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=
CAN-2005-3193
--------------------------------------------------------------------------
Revision History
22 Jun 2006 Initial release
--------------------------------------------------------------------------
Copyright(C) 2006 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFEmoNQK0LzjOqIJMwRAk+4AJ45zjee4inQ5j44hiNre+lMf/dQdgCeNFmZ
lWftpUqpTLw9WufQ3Us7Zo4=
=8DKd
-----END PGP SIGNATURE-----