Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-8875

Опубликовано: 06 окт. 2015
Источник: redhat
CVSS2: 4.3

Описание

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5gdk-pixbufWill not fix
Red Hat Enterprise Linux 6gdk-pixbuf2Not affected
Red Hat Enterprise Linux 7gdk-pixbuf2Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1337063gdk-pixbuf: Integer overflows in various pixops functions

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-8875

CVSS3: 7.8
ubuntu
больше 9 лет назад

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.

nvd логотип

CVE-2015-8875

CVSS3: 7.8
nvd
больше 9 лет назад

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.

debian логотип

CVE-2015-8875

CVSS3: 7.8
debian
больше 9 лет назад

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pi ...

github логотип

GHSA-vvxc-jgjh-cjf4

CVSS3: 7.8
github
больше 3 лет назад

Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.

4.3 Medium

CVSS2