Описание
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.36.10-2 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [2.30.7-0ubuntu1.7]] |
| esm-infra/xenial | released | 2.32.2-1ubuntu1.3 |
| precise/esm | DNE | |
| trusty | released | 2.30.7-0ubuntu1.7 |
| trusty/esm | DNE | trusty was released [2.30.7-0ubuntu1.7] |
| upstream | needs-triage | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 2.32.2-1ubuntu1.3 |
| zesty | released | 2.36.5-3ubuntu0.2 |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
An exploitable integer overflow vulnerability exists in the tiff_image ...
An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3