CVE-2017-6313

Published: 10/03/2017 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Vulnerability Summary

Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent malicious users to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.

Vulnerable Product

gnome gdk-pixbuf

fedoraproject fedora 30

fedoraproject fedora 31

debian debian linux 8.0

Vendor Advisories

Several security issues were fixed in GDK-PixBuf ...
Debian Bug report logs - #856444 gdk-pixbuf: CVE-2017-6312: Possible out-of-bounds read. Package: src:gdk-pixbuf; Maintainer for src:gdk-pixbuf is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 1 Mar 2017 05:57:02 UTC Severity ...
Debian Bug report logs - #856445 gdk-pixbuf: CVE-2017-6313: Integer underflow in io-icns.c. Package: src:gdk-pixbuf; Maintainer for src:gdk-pixbuf is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 1 Mar 2017 06:06:02 UTC Sever ...
Debian Bug report logs - #856448 gdk-pixbuf: CVE-2017-6314: Infinite loop in io-tiff.c with large size. Package: src:gdk-pixbuf; Maintainer for src:gdk-pixbuf is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 1 Mar 2017 06:09:0 ...
It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened. For the oldstable distribution (jessie), this problem has been fixed in version 2.31.1-2+deb8u7. For the stable distribution (stretch ...
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file ...