CVE-2015-7674 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Gdk-pixbuf

CWE-18911 documents8 sources

Severity

6.8MEDIUMNVD

EPSS

1.6%

top 18.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gnome Gdk-pixbuf Canonical Ubuntu Linux Opensuse

Timeline

PublishedOct 26

Latest updateMay 14

Description

Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶Debiangnome/gdk-pixbuf< 2.32.1-1+3

▶NVDgnome/gdk-pixbuf2.32.0

▶NVDopensuse/opensuse13.2

Also affects: Ubuntu Linux 12.04, 14.04, 15.04

Patches

Patch: www.ubuntu.com ↗Patch: www.ubuntu.com ↗

🔴Vulnerability Details

GHSA

GHSA-m3cf-cwfr-2w97: Integer overflow in the pixops_scale_nearest function in pixops/pixops↗2022-05-14

▶

CVEList

CVE-2015-7674: Integer overflow in the pixops_scale_nearest function in pixops/pixops↗2015-10-26

▶

OSV

CVE-2015-7674: Integer overflow in the pixops_scale_nearest function in pixops/pixops↗2015-10-26

▶

OSV

gdk-pixbuf vulnerabilities↗2015-10-13

▶

📋Vendor Advisories

Ubuntu

GDK-PixBuf vulnerabilities↗2015-10-13

▶

Red Hat

gdk-pixbuf: Heap overflow when scaling a GIF file↗2015-10-01

▶

Debian

CVE-2015-7674: gdk-pixbuf - Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-...↗2015

▶

💬Community

Bugzilla

CVE-2015-7674 gdk-pixbuf2: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]↗2015-10-21

▶

Bugzilla

CVE-2015-7674 mingw-gdk-pixbuf: gdk-pixbuf: Heap overflow when scaling a GIF file [fedora-all]↗2015-10-21

▶

Bugzilla

CVE-2015-7674 gdk-pixbuf: Heap overflow when scaling a GIF file↗2015-10-02

▶