CVE-2015-4491Heap-based Buffer Overflow in Gdk-pixbuf

CWE-189CWE-122Heap-based Buffer Overflow11 documents8 sources
Severity
6.8MEDIUMNVD
EPSS
4.3%
top 11.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Gnome Gdk-pixbufCanonical Ubuntu LinuxFedoraproject Fedora+2 more
Timeline
PublishedAug 16
Latest updateMay 14

Description

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages4 packages

Debiangnome/gdk-pixbuf< 2.31.7-1+3
NVDgnome/gdk-pixbuf2.31.4
NVDoracle/solaris10, 11.3+1
NVDopensuse/opensuse13.1, 13.2+1

Also affects: Ubuntu Linux 12.04, 14.04, 15.04, Fedora 21, 22

🔴Vulnerability Details

3
GHSA
GHSA-735c-hqgj-f846: Integer overflow in the make_filter_table function in pixops/pixops2022-05-14
OSV
CVE-2015-4491: Integer overflow in the make_filter_table function in pixops/pixops2015-08-16
CVEList
CVE-2015-4491: Integer overflow in the make_filter_table function in pixops/pixops2015-08-16

📋Vendor Advisories

5
Ubuntu
GDK-PixBuf vulnerability2015-08-26
Ubuntu
Thunderbird vulnerabilities2015-08-25
Ubuntu
Firefox vulnerabilities2015-08-11
Red Hat
Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)2015-08-11
Debian
CVE-2015-4491: gdk-pixbuf - Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pix...2015

💬Community

2
Bugzilla
CVE-2015-4491 gdk-pixbuf2: Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88) [fedora-all]2015-08-13
Bugzilla
CVE-2015-4491 Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)2015-08-11
CVE-2015-4491 — Heap-based Buffer Overflow | cvebase