MDKSA-2003:048

Package name

eog

Date

2003-04-16

Advisory ID

MDKSA-2003:048

Affected versions

9.1 i586 , CS2.1 i586 , 9.1 i586 , 9.0 i586

Problem description

A vulnerability was discovered in the Eye of GNOME (EOG) program, version 2.2.0 and earlier, that is used for displaying graphics. A carefully crafted filename passed to eog could lead to the execution of arbitrary code as the user executing eog.

Updated packages

9.1 i586

 0e88dac227e691a431192c7005d78fc4  ppc/9.1/RPMS/eog-2.2.0-1.1mdk.ppc.rpm
b2c35125798f3bfef1b43bb9e34e3869  ppc/9.1/SRPMS/eog-2.2.0-1.1mdk.src.rpm

CS2.1 i586

 c2b6f3e1b6dc4676795d82fbb5d03270  corporate/2.1/RPMS/eog-1.0.2-1.1mdk.i586.rpm
3929458c9f13ccd8d102316b5180364f  corporate/2.1/SRPMS/eog-1.0.2-1.1mdk.src.rpm

9.1 i586

 4e46d00b4bc623843e626890983dcb7d  9.1/RPMS/eog-2.2.0-1.1mdk.i586.rpm
b2c35125798f3bfef1b43bb9e34e3869  9.1/SRPMS/eog-2.2.0-1.1mdk.src.rpm

9.0 i586

 c2b6f3e1b6dc4676795d82fbb5d03270  9.0/RPMS/eog-1.0.2-1.1mdk.i586.rpm
3929458c9f13ccd8d102316b5180364f  9.0/SRPMS/eog-1.0.2-1.1mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0165