CVE-2015-7674
Ubuntu Security Notice USN-2767-1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.
Desbordamiento de entero en la función pixops_scale_nearest en pixops/pixops.c en gdk-pixbuf en versiones anteriores a 2.32.1 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) y posiblemente ejecutar código arbitrario a través de un archivo de imagen GIF manipulado, lo que desencadena un desbordamiento de buffer basado en memoria dinámica.
Gustavo Grieco discovered that the GDK-PixBuf library did not properly handle scaling tga image files, leading to a heap overflow. If a user or automated system were tricked into opening a tga image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Gustavo Grieco discovered that the GDK-PixBuf library contained an integer overflow when handling certain GIF images. If a user or automated system were tricked into opening a GIF image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-10-02 CVE Reserved
- 2015-10-14 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
CAPEC
References (12)
| URL | Tag | Source |
|---|---|---|
| http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.1.news | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2015/10/01/4 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2015/10/01/7 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2015/10/02/10 | Mailing List |
|
| http://www.openwall.com/lists/oss-security/2015/10/05/7 | Mailing List |
|
| http://www.securityfocus.com/bid/76955 | Vdb Entry | |
| https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.ubuntu.com/usn/USN-2767-1 | 2018-10-30 |
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html | 2018-10-30 | |
| http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html | 2018-10-30 | |
| http://www.debian.org/security/2015/dsa-3378 | 2018-10-30 | |
| https://security.gentoo.org/glsa/201512-05 | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 12.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 15.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "15.04" | - |
Affected
| ||||||
| Gnome Search vendor "Gnome" | Gdk-pixbuf Search vendor "Gnome" for product "Gdk-pixbuf" | <= 2.32.0 Search vendor "Gnome" for product "Gdk-pixbuf" and version " <= 2.32.0" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||