Phantasm66
Posts: 4,909 +8
A DDoS attack could be lurking in wait for users of open-source software built on the GUI toolkit GTK+, it has been reported. Several security compromising vulnerabilities have been found.
One such vulnerability affects BMP image processing in applications, where infinite loops can be created in an application. Others vulnerabilities rely on handling errors while decoding images in the XPixMap (XPM) format, which could be used to create integer and buffer overflows.
GTK+ is used in Gnome, a Unix and Linux desktop suite and development platform that's used by Sun in some Solaris desktops and in many Linux desktops. More here.
One such vulnerability affects BMP image processing in applications, where infinite loops can be created in an application. Others vulnerabilities rely on handling errors while decoding images in the XPixMap (XPM) format, which could be used to create integer and buffer overflows.
GTK+ is used in Gnome, a Unix and Linux desktop suite and development platform that's used by Sun in some Solaris desktops and in many Linux desktops. More here.
