Gnome Gdk-Pixbuf vulnerabilities
33 known vulnerabilities affecting gnome/gdk-pixbuf.
Total CVEs: 33
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 20, MEDIUM 11, LOW 1
Vulnerabilities
Page 2 of 2
CVE-2015-7673 | MEDIUM | CVSS 6.8 | CWE-119 | ≤ 2.31.4 | 2015-10-26
io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.
nvd, osv
CVE-2015-7674 | MEDIUM | CVSS 6.8 | CWE-189 | ≤ 2.32.0 | 2015-10-26
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
nvd, osv
CVE-2015-4491 | MEDIUM | CVSS 6.8 | CWE-189 | ≤ 2.31.4 | 2015-08-16
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash
nvd, osv
CVE-2012-2370 | MEDIUM | CVSS 5.0 | CWE-189 | ≤ 2.26.0, v2.23.3 (+6 more) | 2012-08-13
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.
nvd, osv
CVE-2011-2485 | MEDIUM | CVSS 4.3 | ≤ 2.23.3, v2.22.1 | 2012-07-03
The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.
nvd, osv
CVE-2005-3186 | HIGH | CVSS 7.5 | ≥ 0, < 0.22.0-11 | 2005-11-18
Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
osv
CVE-2005-2976 | HIGH | CVSS 7.5 | ≥ 0, < 0.22.0-11 | 2005-11-18
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
osv
CVE-2005-2975 | HIGH | CVSS 7.8 | ≥ 0, < 0.22.0-11 | 2005-11-18
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
osv
CVE-2005-0891 | HIGH | CVSS 7.5 | ≥ 0, < 0.22.0-7.1 | 2005-05-02
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
osv
CVE-2004-0782 | HIGH | CVSS 7.5 | ≥ 0, < 0.22.0-7 | 2004-10-20
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).
osv
CVE-2004-0788 | MEDIUM | CVSS 5.0 | ≥ 0, < 0.22.0-7 | 2004-10-20
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
osv
CVE-2004-0753 | MEDIUM | CVSS 5.0 | ≥ 0, < 0.22.0-7 | 2004-10-20
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
osv
CVE-2004-0111 | MEDIUM | CVSS 5.0 | ≥ 0, < 0.22.0-3 | 2004-04-15
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
osv