CVE-2016-6352

Опубликовано: 03 окт. 2016

Источник: debian

EPSS Низкий

Описание

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gdk-pixbuf	fixed	2.35.4-1		package
gdk-pixbuf	not-affected		wheezy	package

Примечания

https://www.openwall.com/lists/oss-security/2016/07/13/11
https://bugzilla.gnome.org/show_bug.cgi?id=769170
Fixed by: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599

EPSS

Процентиль: 81%

0.01556

Низкий

Связанные уязвимости

CVE-2016-6352

CVSS3: 7.5

ubuntu

больше 9 лет назад

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

CVE-2016-6352

CVSS3: 6.5

redhat

больше 9 лет назад

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

CVE-2016-6352

CVSS3: 7.5

nvd

больше 9 лет назад

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

openSUSE-SU-2016:2276-1

suse-cvrf

больше 9 лет назад

Security update for gdk-pixbuf

GHSA-mrq8-qgpv-5qqv

CVSS3: 7.5

github

больше 3 лет назад

The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.

EPSS

Процентиль: 81%

0.01556

Низкий