CVE-2015-4491

Name of the Vulnerable Software and Affected Versions gdk-pixbuf versions prior to 2.31.5 Mozilla Firefox versions prior to 40.0 Firefox ESR 38.x versions prior to 38.2 Google Chrome (affected versions not specified)

Description The issue is related to an integer overflow in the make filter table function, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service. This is achieved through crafted bitmap dimensions that are mishandled during scaling, resulting in a heap-based buffer overflow and application crash.

Recommendations For gdk-pixbuf versions prior to 2.31.5, update to version 2.31.5 or later. For Mozilla Firefox versions prior to 40.0, update to version 40.0 or later. For Firefox ESR 38.x versions prior to 38.2, update to version 38.2 or later. For Google Chrome, at the moment, there is no information about a newer version that contains a fix for this vulnerability.