Gentoo: 200710-20 Normal: PDFKit and ImageKits Buffer Overflow Risk

Gentoo Linux Security Advisory GLSA 200710-20 https://security.gentoo.org/ Severity: Normal Title: PDFKit, ImageKits: Buffer overflow Date: October 18, 2007 Bugs: #188185 ID: 200710-20

Synopsis ======= PDFKit and ImageKits are vulnerable to an integer overflow and a stack overflow allowing for the user-assisted execution of arbitrary code.
Background ========= PDFKit is a framework for rendering of PDF content in GNUstep applications. ImageKits is a collection of frameworks to support imaging in GNUstep applications.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 gnustep-libs/pdfkit <= 0.9_pre062906 Vulnerable! 2 gnustep-libs/imagekits <= 0.6 Vulnerable! ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------
========== Maurycy Prodeus discovered an integer overflow vulnerability possibly leading to a s...