CVE-2015-8875

Name of the Vulnerable Software and Affected Versions gdk-pixbuf versions prior to 2.33.1

Description The issue is caused by multiple integer overflows in the pixops composite nearest, pixops composite color nearest, and pixops process functions. This can lead to a denial of service, resulting in an application crash, or potentially allow the execution of arbitrary code via a crafted image, which triggers a heap-based buffer overflow.

Recommendations For versions prior to 2.33.1, update to version 2.33.1 or later to resolve the issue. As a temporary workaround, consider restricting the processing of images from untrusted sources to minimize the risk of exploitation.