Security flaws in open-source GTK+

By Derek Sooman on September 20, 2004, 3:15 PM
A DDoS attack could be lurking in wait for users of open-source software built on the GUI toolkit GTK+, it has been reported. Several security compromising vulnerabilities have been found.

One such vulnerability affects BMP image processing in applications, where infinite loops can be created in an application. Others vulnerabilities rely on handling errors while decoding images in the XPixMap (XPM) format, which could be used to create integer and buffer overflows.

GTK+ is used in Gnome, a Unix and Linux desktop suite and development platform that's used by Sun in some Solaris desktops and in many Linux desktops. More here.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.