{"id":"DEBIAN-CVE-2005-3186","details":"Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.","modified":"2026-04-28T20:07:43.853045Z","published":"2005-11-18T06:03:00Z","upstream":["CVE-2005-3186"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2005-3186"}],"affected":[{"package":{"name":"gdk-pixbuf","ecosystem":"Debian:11","purl":"pkg:deb/debian/gdk-pixbuf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.22.0-11"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gdk-pixbuf","ecosystem":"Debian:12","purl":"pkg:deb/debian/gdk-pixbuf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.22.0-11"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gdk-pixbuf","ecosystem":"Debian:13","purl":"pkg:deb/debian/gdk-pixbuf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.22.0-11"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gdk-pixbuf","ecosystem":"Debian:14","purl":"pkg:deb/debian/gdk-pixbuf?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.22.0-11"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gtk+2.0","ecosystem":"Debian:11","purl":"pkg:deb/debian/gtk%2B2.0?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.10-2"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gtk+2.0","ecosystem":"Debian:12","purl":"pkg:deb/debian/gtk%2B2.0?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.10-2"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gtk+2.0","ecosystem":"Debian:13","purl":"pkg:deb/debian/gtk%2B2.0?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.10-2"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}},{"package":{"name":"gtk+2.0","ecosystem":"Debian:14","purl":"pkg:deb/debian/gtk%2B2.0?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.6.10-2"}]}],"ecosystem_specific":{"urgency":"medium"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2005-3186.json"}}],"schema_version":"1.7.5"}