CVE-2013-7447 — Integer Overflow or Wraparound in Ubuntu Linux

CWE-190 — Integer Overflow or Wraparound11 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

3.8%

top 11.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Samsung X14j Firmware

Timeline

PublishedFeb 17

Latest updateMay 17

Description

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDsamsung/x14j_firmwaret-ms14jakucb-1102.5

Also affects: Ubuntu Linux 12.04, 14.04, 15.10

Patches

Patch: git.gnome.org ↗Patch: git.gnome.org ↗

🔴Vulnerability Details

GHSA

GHSA-4wwv-835r-3cxc: Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo↗2022-05-17

▶

CVEList

CVE-2013-7447: Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo↗2016-02-17

▶

OSV

CVE-2013-7447: Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo↗2016-02-17

▶

📋Vendor Advisories

Ubuntu

GTK+ vulnerability↗2016-02-15

▶

Ubuntu

Eye of GNOME vulnerability↗2016-02-15

▶

Red Hat

gtk3: Integer overflow in image handling↗2013-06-27

▶

Debian

CVE-2013-7447: gtk+2.0 - Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c i...↗2013

▶

💬Community

Bugzilla

CVE-2013-7447 gtk2, gtk3: Integer overflow in image handling↗2016-02-11

▶

Bugzilla

CVE-2013-7447 gtk2: gtk3: Integer overflow in image handling [fedora-all]↗2016-02-11

▶

Bugzilla

CVE-2013-7447 gtk2: gtk3: Integer overflow in image handling [fedora-all]↗2016-02-11

▶