Vulnerabilities > Gnome > GDK Pixbuf
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-10 | CVE-2017-6312 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. | 5.5 |
2017-03-10 | CVE-2017-6311 | NULL Pointer Dereference vulnerability in multiple products gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. | 7.5 |
2016-10-03 | CVE-2016-6352 | Out-of-bounds Write vulnerability in multiple products The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file. | 5.0 |
2016-06-01 | CVE-2015-8875 | Numeric Errors vulnerability in multiple products Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. | 6.8 |
2015-10-26 | CVE-2015-7674 | Numeric Errors vulnerability in multiple products Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. | 6.8 |
2015-10-26 | CVE-2015-7673 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. | 6.8 |
2012-07-03 | CVE-2011-2485 | Unspecified vulnerability in Gnome Gdk-Pixbuf 2.22.1/2.23.3 The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. network gnome | 4.3 |