|
Viliam Holub discovered a bug in gtksee whereby, when loading PNG images of certain color depths, gtksee would overflow a heap-allocated buffer. This vulnerability could be exploited by an attacker using a carefully constructed PNG image to execute arbitrary code when the victim loads the file in gtksee.
For the stable distribution (woody) this problem has been fixed in version 0.5.0-6.
For the unstable distribution (sid) this problem will be fixed soon. Refer to Debian bug #76346.
We recommend that you update your gtksee package.
MD5 checksums of the listed files are available in the original advisory.