CVE-2017-2862
published 2017-09-05
Priority P342 · high · 7.8 (CVSS 3.1)
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS: 4.60% (90.5th percentile)
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | gdk-pixbuf | < gdk-pixbuf 2.36.10-1 (bookworm) | gdk-pixbuf 2.36.10-1 (bookworm) |
| gnome | gdk-pixbuf | — | — |
| gnome | gdk-pixbuf | — | — |
| gnome | gdk-pixbuf | >= 0 < 2.36.10-1 | 2.36.10-1 |
| gnome | gdk-pixbuf | >= 0 < 2.36.10-1 | 2.36.10-1 |
| gnome | gdk-pixbuf | >= 0 < 2.36.10-1 | 2.36.10-1 |
| gnome | gdk-pixbuf | >= 0 < 2.36.10-1 | 2.36.10-1 |
| gnome | gdk-pixbuf | >= 0 < 2.30.7-0ubuntu1.7 | 2.30.7-0ubuntu1.7 |
| gnome | gdk-pixbuf | >= 0 < 2.32.2-1ubuntu1.3 | 2.32.2-1ubuntu1.3 |
CVSS provenance
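| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 7.8 | HIGH | — |
| vendor_debian | — | 7.8 | HIGH | — |
| vendor_redhat | — | 7.8 | HIGH | — |
| vendor_ubuntu | — | 7.8 | HIGH | — |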
Ubuntu
GDK-PixBuf vulnerabilities
vendor_ubuntu·2017-09-18·CVSS 7.8
CVE-2017-2862 [HIGH] GDK-PixBuf vulnerabilities
Title: GDK-PixBuf vulnerabilities
Summary: GDK-PixBuf could be made to crash or run programs as your login if it
opened a specially crafted file.
It was discovered that the GDK-PixBuf library did not properly handle
certain jpeg images. If a user or automated system were tricked into
opening a specially crafted jpeg file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-2862)
It was discovered that the GDK-PixBuf library did not properly handle
certain tiff images. If a user or automated system were tricked into
opening a specially crafted tiff file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (
Red Hat
gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function
vendor_redhat·2017-08-30·CVSS 7.8
CVE-2017-2862 [HIGH] CWE-120 gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
Package: gdk-pixbuf2 (Red Hat Enterprise Linux 6) - Will not fix
Package: gdk-pixbuf2 (Red Hat Enterprise Linux 8) - Not affected
Debian
CVE-2017-2862: gdk-pixbuf - An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_...
vendor_debian·2017·CVSS 7.8
CVE-2017-2862 [HIGH] CVE-2017-2862: gdk-pixbuf - An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_...
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
Scope: local
bookworm: resolved (fixed in 2.36.10-1)
bullseye: resolved (fixed in 2.36.10-1)
forky: resolved (fixed in 2.36.10-1)
sid: resolved (fixed in 2.36.10-1)
trixie: resolved (fixed in 2.36.10-1)
GHSA
GHSA-cmxv-cq8h-57g4: An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2
ghsa_unreviewed·2022-05-13
CVE-2017-2862 [HIGH] CWE-119 GHSA-cmxv-cq8h-57g4: An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
OSV
gdk-pixbuf vulnerabilities
osv·2017-09-18·CVSS 7.8
CVE-2017-2862 [HIGH] gdk-pixbuf vulnerabilities
It was discovered that the GDK-PixBuf library did not properly handle
certain jpeg images. If a user or automated system were tricked into
opening a specially crafted jpeg file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-2862)
It was discovered that the GDK-PixBuf library did not properly handle
certain tiff images. If a user or automated system were tricked into
opening a specially crafted tiff file, a remote attacker could use this
flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2017-2870)
Ariel Zelivansky discovered that the GDK-PixBuf library did not properly
handle printing certain error m
OSV
CVE-2017-2862: An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2
osv·2017-09-05·CVSS 7.8
CVE-2017-2862 [HIGH] CVE-2017-2862: An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
No detection rules found.
No public exploits indexed.
Talos
Vulnerability Spotlight: Multiple Gdk-Pixbuf Vulnerabilities
blogs_talos·2017-08-30·CVSS 7.8
[HIGH] Vulnerability Spotlight: Multiple Gdk-Pixbuf Vulnerabilities
## Overview
Today, Talos is disclosing the discovery of two remote code execution vulnerabilities which have been identified in the Gdk-Pixbuf Toolkit. This toolkit is used in multiple desktop applications including Chromium, Firefox, GNOME thumbnailer, VLC and others. Exploiting this vulnerability allows an attacker to gain full control over the victim's machine. If an attacker builds a specially crafted TIFF or JPEG image and entices the victim to open it, the attacker's code will be executed with the privileges of the local user.
## Details
#### TALOS-2017-0377 -- CVE-2017-2870
Vulnerability discovered by Marcin Noga of Cisco Talos and also independently discovered by Tobias Mueller from GDK Security.
An exploitable integer overflow vulnerability exists in the tiff_image_parse functiona
Bugzilla
CVE-2017-2862 gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function
bugzilla·2017-09-06·CVSS 7.8
CVE-2017-2862 [HIGH] CVE-2017-2862 gdk-pixbuf2: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function
A heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf2.
External References:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366
Discussion:
Upstream commit:
https://git.gnome.org/browse/gdk-pixbuf/commit/gdk-pixbuf/io-jpeg.c?id=c2a40a92fe3df4111ed9da51fe3368c079b86926
---
Analysis:
gdk-pixbuf assumed the value of output_components to be either 3 or 4, but not an invalid value (9) or an unsupported value (1). Setting output color components to a value other than 3 or 4 causes invalid writes when libjpeg-turbo decodes images.
Code execution seems to be unlikely because of the number of bytes which can be wri
http://www.debian.org/security/2017/dsa-3978
http://www.securityfocus.com/bid/100541
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366