Bug 78951 (CVE-2005-1046)

Summary: VUL-0: CVE-2005-1046: kimgio vulnerabilities
Product: [Novell Products] SUSE Security Incidents Reporter: Ludwig Nussel <lnussel>
Component: IncidentsAssignee: E-mail List <kde-maintainers>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P5 - None CC: adrian.schroeter, coolo, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: All   
Whiteboard: CVE-2005-1046: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Ludwig Nussel 2005-04-20 09:17:11 UTC 
We received the following report via vendor-sec.
This issue is not public yet, please keep any information about it inside SUSE.

I guess you got the patches yourself. Did we fix all those issues with the last update already?

KDE Security Advisory: kimgio input validation errors
Original Release Date: 2005-04-21
URL: http://www.kde.org/info/security/advisory-20050421-1.txt

0. References

        http://bugs.kde.org/102328
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046


1. Systems affected:

        kdelibs as shipped with KDE 3.2 up to including KDE 3.4.


2. Overview:

        kimgio contains a PCX image file format reader that does
        not properly perform input validation. A source code audit
        performed by the KDE security team discovered several
        vulnerabilities in the PCX and other image file format
        readers, some of them exploitable to execute arbitrary
        code.


3. Impact:

        Remotly supplied, specially crafted image files can be used
        to execute arbitrary code.


4. Solution:

        Source code patches have been made available which fix these
        vulnerabilities. Contact your OS vendor / binary package provider
        for information about how to obtain updated binary packages.


5. Patch:

        A patch for KDE 3.4.0 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        78473d4dad612e6617eb6652eec2ab80  post-3.4.0-kdelibs-kimgio.diff

        A patch for KDE 3.3.2 is available from 
        ftp://ftp.kde.org/pub/kde/security_patches :

        8366d0e5c8101c315a0bdafac54536d6  post-3.3.2-kdelibs-kimgio.diff


6. Time line and credits:

        24/03/2005 Notification of KDE by Bruno Rohee
        21/04/2005 Coordinated Public Disclosure
Comment 1 Adrian Schröter 2005-04-20 13:27:34 UTC 
packages have been submitted, but no patchinfo got created due to lack of 
SWAMPID.
Comment 2 Ludwig Nussel 2005-04-20 15:29:59 UTC 
SM-Tracker-970
Comment 3 Marcus Meissner 2005-04-21 08:27:39 UTC 
*** Bug 74463 has been marked as a duplicate of this bug. ***
Comment 4 Ludwig Nussel 2005-05-09 11:33:02 UTC 
packages released
Comment 5 Thomas Biege 2009-10-13 21:17:17 UTC 
CVE-2005-1046: CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)