Computer Security
[EN] securityvulns.ru no-pyccku


GDK-PixBuf security vulnerabilities
Published:25.10.2015
Source:
SecurityVulns ID:14741
Type:remote
Threat Level:
5/10
Description:Buffer overflow, integer overflow, on graphic formats processing.
Affected:GNOME : GDK-PixBuf 2.31
CVE:CVE-2015-7674 (Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.)
 CVE-2015-7673 (io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.)
 CVE-2015-4491 (Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.)
Original documentdocumentUBUNTU, [USN-2722-1] GDK-PixBuf vulnerability (25.10.2015)
 documentUBUNTU, [USN-2767-1] GDK-PixBuf vulnerabilities (25.10.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod