Page 3 of 16 results (0.014 seconds)

CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow. Múltiples desbordamientos de entero en las funciones (1) pixops_composite_nearest, (2) pixops_composite_color_nearest y (3) pixops_process en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.33.1 permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de una imagen manipulada, lo que desencadena un desbordamiento de buffer basado en memoria dinámica. • http://www.debian.org/security/2016/dsa-3589 http://www.openwall.com/lists/oss-security/2016/05/12/3 http://www.openwall.com/lists/oss-security/2016/05/16/1 http://www.openwall.com/lists/oss-security/2016/05/17/7 http://www.ubuntu.com/usn/USN-3085-1 https://git.gnome.org/browse/gdk-pixbuf/commit/?id=dbfe8f70471864818bf458a39c8a99640895bd22 • CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 2%CPEs: 5EXPL: 0

Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función pixops_scale_nearest en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.32.1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo de imagen GIF manipulado, lo que desencadena un desbordamiento de buffer basado en memoria dinámica. • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.news http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.debian.org/security/2015/dsa-3378 http://www.openwall.com/lists/oss-security/2015/10/01/4 http://www.openwall.com/lists/oss-security/2015/10/01/7 http://www.openwall.com/lists/oss-security/2015/10/02/10 http://www.openwall.com/lists/o • CWE-189: Numeric Errors •

CVSS: 6.8EPSS: 2%CPEs: 2EXPL: 0

io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file. io-tga.c in gdk-pixbuf en versiones anteriores a 2.32.0 utiliza la memoria dinámica tras su asignación fallida, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo Truevision TGA (TARGA) manipulado. • http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.0.news http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.debian.org/security/2015/dsa-3378 http://www.openwall.com/lists/oss-security/2015/10/01/3 http://www.openwall.com/lists/oss-security/2015/10/02/9 http://www.securityfocus.com/bid/76953 http://www.ubuntu.com/usn/USN-2767-1 https://gi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 1%CPEs: 17EXPL: 0

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. Vulnerabilidad de desbordamiento de entero en la función make_filter_table en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.31.5, tal como es usado en Mozilla Firefox en versiones anteriores a 40.0 y Firefox ESR 38.x en versiones anteriores a 38.2 en Linux, Google Chrome en Linux y otros productos, permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (desbordamiento de buffer basado en memoria dinámica y caída de aplicación) a través de dimensiones bitmap manipuladas que no son manejadas correctamente durante el escalado.. An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bitmap format images. An attacker could use a specially crafted BMP image file that, when processed by an application compiled against the gdk-pixbuf library, would cause that application to crash or execute arbitrary code with the permissions of the user running the application. • http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html http://lists.opensuse.org/opensuse • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 7%CPEs: 8EXPL: 2

Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow. Múltiples desbordamientos de enteros en la función read_bitmap_file_data de io-xbm.c en gdk-pixbuf antes de v2.26.1 permite a atacantes remotos causar una denegación de servicio (por caída de la aplicación) a través de un valor negativo en la (1) altura o (2) anchura en un archivo XBM, lo que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • http://git.gnome.org/browse/gdk-pixbuf http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22 http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516 http://rhn.redhat.com/errata/RHSA-2013-0135.html http://secunia.com/advisories/49125 http://secunia.com/advisories/49715 http://www.gentoo.org/security/en/glsa/glsa-201206-20.xml http://www.openwall.com/lists/oss-security/2012/05/15/8 http://www.openwall.com/lists&# • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •