PT-2013-6305 · Gtk+ Team +3 · Gtk+ +3

Published: 2013-12-31 · Updated: 2024-06-15 · CVE-2013-7447

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

GTK+ versions prior to 3.9.8

Description

The issue is an integer overflow in the gdk_cairo_set_source_pixbuf function, which can be triggered by a large image file. The overflow leads to a large memory allocation, causing a denial of service (crash). The problem affects various applications that use GTK+, including eom, gnome-photos, eog, gambas3, thunar, and pinpoint.

Recommendations

For GTK+ versions prior to 3.9.8, update to version 3.9.8 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific problem.

Fix

Related identifiers

ALT-PU-2016-1103
ALT-PU-2016-1114
ALT-PU-2016-1247
ALT-PU-2016-1964
CVE-2013-7447
DLA-419-1
MGASA-2016-0069
MGASA-2016-0070
MGASA-2016-0071
MGASA-2016-0073
MGASA-2016-0074
MGASA-2016-0075
MGASA-2016-0076
OPENSUSE-SU-2024:10170-1
OPENSUSE-SU-2024:10522-1
OPENSUSE-SU-2024:10908-1
SUSE-SU-2016:2532-1
SUSE-SU-2016:2550-1
SUSE-SU-2016_2532-1
SUSE-SU-2016_2550-1
USN-2898-1
USN-2898-2

Affected products

Alt Linux
Gtk+
Suse
Ubuntu