CVE-2015-7674
published 2015-10-26CVE-2015-7674: Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service…
PriorityP434medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
5.80%
92.2th percentile
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | gdk-pixbuf | < gdk-pixbuf 2.32.1-1 (bookworm) | gdk-pixbuf 2.32.1-1 (bookworm) |
| debian | gtk+2.0 | < gdk-pixbuf 2.32.1-1 (bookworm) | gdk-pixbuf 2.32.1-1 (bookworm) |
| gnome | gdk-pixbuf | <= 2.32.0 | — |
| gnome | gdk-pixbuf | >= 0 < 2.32.1-1 | 2.32.1-1 |
| gnome | gdk-pixbuf | >= 0 < 2.32.1-1 | 2.32.1-1 |
| gnome | gdk-pixbuf | >= 0 < 2.32.1-1 | 2.32.1-1 |
| gnome | gdk-pixbuf | >= 0 < 2.32.1-1 | 2.32.1-1 |
| gnome | gdk-pixbuf | >= 0 < 2.30.7-0ubuntu1.2 | 2.30.7-0ubuntu1.2 |
| opensuse | opensuse | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_debian6.8MEDIUM
vendor_redhat6.8MEDIUM
vendor_ubuntu6.8MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-m3cf-cwfr-2w97: Integer overflow in the pixops_scale_nearest function in pixops/pixops
ghsa_unreviewed·2022-05-14
CVE-2015-7674 [MEDIUM] GHSA-m3cf-cwfr-2w97: Integer overflow in the pixops_scale_nearest function in pixops/pixops
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
OSV
CVE-2015-7674: Integer overflow in the pixops_scale_nearest function in pixops/pixops
osv·2015-10-26·CVSS 6.8
CVE-2015-7674 [MEDIUM] CVE-2015-7674: Integer overflow in the pixops_scale_nearest function in pixops/pixops
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
OSV
gdk-pixbuf vulnerabilities
osv·2015-10-13·CVSS 6.8
CVE-2015-7673 [MEDIUM] gdk-pixbuf vulnerabilities
gdk-pixbuf vulnerabilities
Gustavo Grieco discovered that the GDK-PixBuf library did not properly
handle scaling tga image files, leading to a heap overflow. If a
user or automated system were tricked into opening a tga image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7673)
Gustavo Grieco discovered that the GDK-PixBuf library contained
an integer overflow when handling certain GIF images. If a user
or automated system were tricked into opening a GIF image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7674)
Ubuntu
GDK-PixBuf vulnerabilities
vendor_ubuntu·2015-10-13·CVSS 6.8
CVE-2015-7673 [MEDIUM] GDK-PixBuf vulnerabilities
Title: GDK-PixBuf vulnerabilities
Summary: GDK-PixBuf could be made to crash or run programs as your login if it
opened a specially crafted file.
Gustavo Grieco discovered that the GDK-PixBuf library did not properly
handle scaling tga image files, leading to a heap overflow. If a
user or automated system were tricked into opening a tga image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7673)
Gustavo Grieco discovered that the GDK-PixBuf library contained
an integer overflow when handling certain GIF images. If a user
or automated system were tricked into opening a GIF image file,
a remote attacker could use this flaw to cause GDK-PixBuf to crash,
resulting in a denial of service
Red Hat
gdk-pixbuf: Heap overflow when scaling a GIF file
vendor_redhat·2015-10-01·CVSS 6.8
CVE-2015-7674 [MEDIUM] gdk-pixbuf: Heap overflow when scaling a GIF file
gdk-pixbuf: Heap overflow when scaling a GIF file
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
Package: gdk-pixbuf (Red Hat Enterprise Linux 5) - Will not fix
Package: gdk-pixbuf2 (Red Hat Enterprise Linux 6) - Not affected
Package: gdk-pixbuf2 (Red Hat Enterprise Linux 7) - Will not fix
Debian
CVE-2015-7674: gdk-pixbuf - Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-...
vendor_debian·2015·CVSS 6.8
CVE-2015-7674 [MEDIUM] CVE-2015-7674: gdk-pixbuf - Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-...
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
Scope: local
bookworm: resolved (fixed in 2.32.1-1)
bullseye: resolved (fixed in 2.32.1-1)
forky: resolved (fixed in 2.32.1-1)
sid: resolved (fixed in 2.32.1-1)
trixie: resolved (fixed in 2.32.1-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2015-7674 gdk-pixbuf2: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
bugzilla·2015-10-21·CVSS 6.8
CVE-2015-7674 [MEDIUM] CVE-2015-7674 gdk-pixbuf2: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
CVE-2015-7674 gdk-pixbuf2: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported
Bugzilla
CVE-2015-7674 mingw-gdk-pixbuf: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
bugzilla·2015-10-21·CVSS 6.8
CVE-2015-7674 [MEDIUM] CVE-2015-7674 mingw-gdk-pixbuf: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
CVE-2015-7674 mingw-gdk-pixbuf: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple suppo
Bugzilla
CVE-2015-7674 gdk-pixbuf: Heap overflow when scaling a GIF file
bugzilla·2015-10-02·CVSS 6.8
CVE-2015-7674 [MEDIUM] CVE-2015-7674 gdk-pixbuf: Heap overflow when scaling a GIF file
CVE-2015-7674 gdk-pixbuf: Heap overflow when scaling a GIF file
Heap overflow flaw was found in the gdk-pixbuf implementation triggered by the scaling of gif file. Affected versions are 60s) loop. The patch linked in comment #0 does not fix this in RHEL6.
---
The infinite loop in RHEL6 is annoying but shouldn't qualify as security issue.
http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.newshttp://lists.opensuse.org/opensuse-updates/2016-03/msg00124.htmlhttp://lists.opensuse.org/opensuse-updates/2016-06/msg00006.htmlhttp://www.debian.org/security/2015/dsa-3378http://www.openwall.com/lists/oss-security/2015/10/01/4http://www.openwall.com/lists/oss-security/2015/10/01/7http://www.openwall.com/lists/oss-security/2015/10/02/10http://www.openwall.com/lists/oss-security/2015/10/05/7http://www.securityfocus.com/bid/76955http://www.ubuntu.com/usn/USN-2767-1https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aahttps://security.gentoo.org/glsa/201512-05http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.newshttp://lists.opensuse.org/opensuse-updates/2016-03/msg00124.htmlhttp://lists.opensuse.org/opensuse-updates/2016-06/msg00006.htmlhttp://www.debian.org/security/2015/dsa-3378http://www.openwall.com/lists/oss-security/2015/10/01/4http://www.openwall.com/lists/oss-security/2015/10/01/7http://www.openwall.com/lists/oss-security/2015/10/02/10http://www.openwall.com/lists/oss-security/2015/10/05/7http://www.securityfocus.com/bid/76955http://www.ubuntu.com/usn/USN-2767-1https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aahttps://security.gentoo.org/glsa/201512-05
2015-10-26
Published