JVN#58019849: GTK+ may insecurely load dynamic libraries

GTK+ is a toolkit for developing applications with GUIs. GTK+ contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.

Impact

In an application that uses GTK+, arbitrary code may be executed with the privilege of that application.

Solution

Solution for developers using GTK+
Developers that use GTK+ should update GTK+ to the latest version available.

Products Affected

• GTK+ versions prior to 2.21.8