CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2017-6313 – Gentoo Linux Security Advisory 201709-08
https://notcve.org/view.php?id=CVE-2017-6313
10 Mar 2017 — Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file. Desbordamiento inferior de entero en la función load_resources en io-icns.c en gdk-pixbuf permite a atacantes dependientes de contexto provocar una denegación de servicio (lectura fuera de límites y caída del programa) a través de una entrada de tamaño de imagen manipulada en un archiv... • http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2017-6312 – Gentoo Linux Security Advisory 201709-08
https://notcve.org/view.php?id=CVE-2017-6312
10 Mar 2017 — Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations. Desbordamiento de entero in io-ico.c in gdk-pixbuf permite a atacantes dependientes de contexto provocar una denegación de servicio (fallo de segmentación y caída de aplicación) a través del desplazamiento de entrada de una imagen manipulad... • http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 3CVE-2016-6352 – Ubuntu Security Notice USN-3085-1
https://notcve.org/view.php?id=CVE-2016-6352
21 Sep 2016 — The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file. La función OneLine32 en io-ico.c en gdk-pixbuf en versiones anteriores a 2.35.3 permite a atacantes remotos provocar una denegación de servicio (escritura fuera de límites y caída) a través de dimensiones manipuladas en un archivo ICO. It was discovered that the GDK-PixBuf library did not properly handle specially crafted b... • http://lists.opensuse.org/opensuse-updates/2016-09/msg00040.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2015-8875 – Debian Security Advisory 3589-1
https://notcve.org/view.php?id=CVE-2015-8875
30 May 2016 — Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. Múltiples desbordamientos de entero en las funciones (1) pixops_composite_nearest, (2) pixops_composite_color_nearest y (3) pixops_process en pixops/pixops.c e... • http://www.debian.org/security/2016/dsa-3589 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 2%CPEs: 2EXPL: 0CVE-2015-7673 – Ubuntu Security Notice USN-2767-1
https://notcve.org/view.php?id=CVE-2015-7673
14 Oct 2015 — io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. io-tga.c in gdk-pixbuf en versiones anteriores a 2.32.0 utiliza la memoria dinámica tras su asignación fallida, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y ca... • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.0.news • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 2%CPEs: 5EXPL: 0CVE-2015-7674 – Ubuntu Security Notice USN-2767-1
https://notcve.org/view.php?id=CVE-2015-7674
14 Oct 2015 — Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función pixops_scale_nearest en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.32.1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemen... • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.news • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 1%CPEs: 17EXPL: 0CVE-2015-4491 – Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)
https://notcve.org/view.php?id=CVE-2015-4491
11 Aug 2015 — Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. Vulnerabilidad de desbordamiento de entero en la función make_filter_table en pixops/pixops... • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 7%CPEs: 8EXPL: 2CVE-2012-2370 – gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file format loader
https://notcve.org/view.php?id=CVE-2012-2370
13 Aug 2012 — Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow. Múltiples desbordamientos de enteros en la función read_bitmap_file_data de io-xbm.c en gdk-pixbuf antes de v2.26.1 permite a atacantes remotos causar una denegación de servicio (por caída de la aplicación) a través de un valor negativ... • http://git.gnome.org/browse/gdk-pixbuf • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2011-2485
https://notcve.org/view.php?id=CVE-2011-2485
03 Jul 2012 — The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file. La función gdk_pixbuf__gif_image_load en gdk-pixbuf/io-gif.c en gdk-pixbuf anterior a v2.23.5 no maneja adecuadamente ciertos valores de retorno, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un archivo de... • http://ftp.gnome.org/pub/GNOME/sources/gdk-pixbuf/2.23/gdk-pixbuf-2.23.5.news •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 0CVE-2004-0111
https://notcve.org/view.php?id=CVE-2004-0111
15 Apr 2004 — gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. gdk-pixbuf anteiores a 0.20 permite a atacantes causar una denegación de servicio (caída) mediante un fichero de mapa de bits (BMP) malformado. • http://www.debian.org/security/2004/dsa-464 •