wxGTK: User-assisted execution of arbitrary code

1. Gentoo Linux Security Advisory

Advisory Reference	GLSA 201009-01 / wxGTK
Release Date	September 02, 2010
Latest Revision	September 02, 2010: 01
Impact	normal
Exploitable	remote

Package	Vulnerable versions	Unaffected versions	Architecture(s)
x11-libs/wxGTK	< 2.8.10.1-r1	revision >= 2.6.4.0-r5, >= 2.8.10.1-r1	All supported architectures

Related bugreports: #277722

Synopsis

An integer overflow vulnerability in wxGTK might enable remote attackers to cause the execution of arbitrary code.

2. Impact Information

Background

wxGTK is the GTK+ version of wxWidgets, a cross-platform C++ GUI toolkit.

Description

wxGTK is prone to an integer overflow error in the wxImage::Create() function in src/common/image.cpp, possibly leading to a heap-based buffer overflow.

Impact

A remote attacker might entice a user to open a specially crafted JPEG file using a program that uses wxGTK, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application.

3. Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All wxGTK 2.6 users should upgrade to an updated version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/wxGTK-2.6.4.0-r5"

All wxGTK 2.8 users should upgrade to an updated version:

Code Listing 3.2: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=x11-libs/wxGTK-2.8.10.1-r1"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since August 9, 2009. It is likely that your system is already no longer affected by this issue.

4. References

CVE-2009-2369

Page updated September 02, 2010

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.