Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2013-7447

Published: 17/02/2016 Updated: 03/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Subscribe to Ubuntu Linux

Vulnerability Summary

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ prior to 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote malicious users to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 15.10

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

gtk gtk\\\\\\+

Vendor Advisories

Debian CVElist Bug Report Logs: [GDK] patch - avoid integer overflow when allocating a large block of memory (CVE-2013-7447)
Debian Bug report logs - #799275 [GDK] patch - avoid integer overflow when allocating a large block of memory (CVE-2013-7447) Package: src:gtk+20; Maintainer for src:gtk+20 is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Affects: eom Reported by: Vlad Orlov <monsta@inboxru> Date: Thu, 17 ...
Ubuntu Security Notice: gtk+2.0, gtk+3.0 vulnerability
GTK+ could be made to crash or run programs as your login if it processed a specially crafted image ...
Ubuntu Security Notice: eog vulnerability
Eye of GNOME could be made to crash or run programs as your login if it opened a specially crafted image ...
Red Hat: CVE-2013-7447
Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairoc in GTK+ before 398, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation ...

References

NVD-CWE-Otherhttps://bugzilla.gnome.org/show_bug.cgi?id=703220http://www.openwall.com/lists/oss-security/2016/02/10/2https://bugs.launchpad.net/ubuntu/+source/gtk+2.0/+bug/1540811http://www.openwall.com/lists/oss-security/2016/02/10/6http://www.ubuntu.com/usn/USN-2898-2https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6http://www.ubuntu.com/usn/USN-2898-1https://git.gnome.org/browse/gtk+/tree/NEWShttps://github.com/mate-desktop/eom/issues/93http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.htmlhttp://www.securityfocus.com/bid/83239http://lists.opensuse.org/opensuse-updates/2016-03/msg00010.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799275https://usn.ubuntu.com/2898-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook