1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
PublicDateAtUSN: 2015-10-02
Candidate: CVE-2015-7674
PublicDate: 2015-10-26
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674
http://www.openwall.com/lists/oss-security/2015/10/01/4
http://www.ubuntu.com/usn/usn-2767-1
Description:
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in
gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of
service (application crash) and possibly execute arbitrary code via a
crafted GIF image file, which triggers a heap-based buffer overflow.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: sbeattie
Patches_gdk-pixbuf:
upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa
upstream_gdk-pixbuf: released (2.32.1)
precise_gdk-pixbuf: released (2.26.1-1ubuntu1.3)
trusty_gdk-pixbuf: released (2.30.7-0ubuntu1.2)
vivid_gdk-pixbuf: released (2.31.3-1ubuntu0.2)
devel_gdk-pixbuf: released (2.32.0-1ubuntu1)
vivid/stable-phone-overlay_gdk-pixbuf: released (2.31.3-1ubuntu0.2)
vivid/ubuntu-core_gdk-pixbuf: DNE
|