PT-2015-7575 · Gnome+3 · Gdk-Pixbuf+3

Gustavo Grieco

Publicado

2015-09-25

Atualizado

2024-06-15

CVE-2015-7674

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions gdk-pixbuf versions prior to 2.32.1

Description The issue is caused by an integer overflow in the pixops scale nearest function, which can lead to a denial of service (application crash) and potentially allow the execution of arbitrary code. This is triggered by a crafted GIF image file that causes a heap-based buffer overflow.

Recommendations For versions prior to 2.32.1, update to version 2.32.1 or later to resolve the issue.

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

ALT-PU-2015-1808

CVE-2015-7674

DLA-434-1

DLA-450-1

DSA-3378-1

MGASA-2015-0388

OPENSUSE-SU-2024:10453-1

SUSE-SU-2015:1787-1

SUSE-SU-2015:2195-1

SUSE-SU-2015:2195-2

USN-2767-1

Produtos afetados

Alt Linux

Suse

Ubuntu

Gdk-Pixbuf

PT-2015-7575 · Gnome+3 · Gdk-Pixbuf+3

CVE-2015-7674

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 51