Your submission was sent successfully! Close

CVE-2015-7674

Published: 2 October 2015

Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.

Priority

Medium

Status

Package Release Status
gdk-pixbuf
Launchpad, Ubuntu, Debian
precise
Released (2.26.1-1ubuntu1.3)
trusty Does not exist
(trusty was released [2.30.7-0ubuntu1.2])
upstream
Released (2.32.1)
vivid
Released (2.31.3-1ubuntu0.2)
Patches:
upstream: https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa