Описание
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 3:3.8.3-0.1 |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | released | 3:3.6.1-1ubuntu0.1~esm1 |
| esm-apps/focal | released | 3:3.8.0-2.1ubuntu0.1 |
| esm-apps/jammy | not-affected | 3:3.8.3-0.1 |
| esm-apps/xenial | released | 3:3.4.3-1ubuntu0.1~esm1 |
| esm-infra-legacy/trusty | DNE | |
| focal | released | 3:3.8.0-2.1ubuntu0.1 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg( ...
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3