CVE-2017-2862

Debian Bug report logs - #874552 gdk-pixbuf: CVE-2017-2862: JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability Package: src:gdk-pixbuf; Maintainer for src:gdk-pixbuf is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> D ...

GDK-PixBuf could be made to crash or run programs as your login if it opened a specially crafted file ...

Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened For the oldstable distribution (jessie), this problem has been fixed in version 2311-2+deb8u6 For the stable distribution (stretch), this problem has been fixed in version 236 ...

An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2366 A specially crafted jpeg file can cause a heap overflow resulting in remote code execution An attacker can send a file or url to trigger this vulnerability ...