Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Gdk\-Pixbuf
(Gnome)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-09-05 | CVE-2017-2862 | An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. | Debian_linux, Gdk\-Pixbuf | 7.8 | ||
| 2017-09-05 | CVE-2017-2870 | An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability. | Debian_linux, Gdk\-Pixbuf | 7.8 | ||
| 2016-10-03 | CVE-2016-6352 | The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file. | Ubuntu_linux, Gdk\-Pixbuf, Leap, Opensuse | 7.5 | ||
| 2019-11-12 | CVE-2011-2897 | gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw | Debian_linux, Gdk\-Pixbuf, Enterprise_linux | N/A | ||
| 2018-01-02 | CVE-2017-1000422 | Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution | Ubuntu_linux, Debian_linux, Gdk\-Pixbuf | 8.8 | ||
| 2019-03-07 | CVE-2017-12447 | GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder. | Gdk\-Pixbuf, Nautilus | 7.8 | ||
| 2016-06-01 | CVE-2015-8875 | Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. | Debian_linux, Gdk\-Pixbuf | 7.8 | ||
| 2015-10-26 | CVE-2015-7674 | Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. | Ubuntu_linux, Gdk\-Pixbuf, Opensuse | N/A | ||
| 2015-10-26 | CVE-2015-7673 | io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. | Gdk\-Pixbuf, Opensuse | N/A | ||
| 2012-07-03 | CVE-2011-2485 | The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. | Gdk\-Pixbuf | N/A |