Описание
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.36.10-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.30.7-0ubuntu1.7]] |
| esm-infra/xenial | released | 2.32.2-1ubuntu1.3 |
| precise/esm | DNE | |
| trusty | released | 2.30.7-0ubuntu1.7 |
| trusty/esm | DNE | trusty was released [2.30.7-0ubuntu1.7] |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 2.32.2-1ubuntu1.3 |
| zesty | released | 2.36.5-3ubuntu0.2 |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__j ...
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3