Published: 18/04/2016 Updated: 07/11/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse opensuse 13.2

GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file ...

Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using gdk-pixbuf (application crash), or potentially, to execute arbitrary code with the privileges of the user running the app ...

Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scalec in gdk-pixbuf 230x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file ...

CWE-119 http://lists.opensuse.org/opensuse-updates/2016-03/msg00124.html https://bugzilla.suse.com/show_bug.cgi?id=958963 http://www.ubuntu.com/usn/USN-3085-1 http://lists.opensuse.org/opensuse-updates/2016-06/msg00006.html http://www.debian.org/security/2016/dsa-3589 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJF5ARFOX4BFUK6YCBKGAKBQYECO3AI2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSAZ6UCKKXC5VOWXGWQHOX2ZBLLATIOT/https://usn.ubuntu.com/3085-1/https://nvd.nist.gov

CVE-2015-7552

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect