Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[KDE Security Advisory]: kimgio input validation errors
From: Dirk Mueller (dirkkde.org)
Date: Thu Apr 21 2005 - 19:04:31 CDT
KDE Security Advisory: kimgio input validation errors
Original Release Date: 2005-04-21
1. Systems affected:
kdelibs as shipped with KDE 3.2 up to including KDE 3.4.
kimgio contains a PCX image file format reader that does
not properly perform input validation. A source code audit
performed by the KDE security team discovered several
vulnerabilities in the PCX and other image file format
readers, some of them exploitable to execute arbitrary
Remotly supplied, specially crafted image files can be used
to execute arbitrary code.
Source code patches have been made available which fix these
vulnerabilities. Contact your OS vendor / binary package provider
for information about how to obtain updated binary packages.
A patch for KDE 3.4.0 is available from
A patch for KDE 3.3.2 is available from
6. Time line and credits:
24/03/2005 Notification of KDE by Bruno Rohee
21/04/2005 Coordinated Public Disclosure