[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111666

 
 

909

 
 

87321

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2015-4491Date: (C)2015-08-18   (M)2018-05-28


Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1033247
SECTRACK-1033372
DSA-3337
FEDORA-2015-13925
FEDORA-2015-13926
FEDORA-2015-14010
FEDORA-2015-14011
GLSA-201512-05
GLSA-201605-06
RHSA-2015:1586
RHSA-2015:1682
RHSA-2015:1694
SUSE-SU-2015:1449
SUSE-SU-2015:1528
SUSE-SU-2015:2081
USN-2702-1
USN-2702-2
USN-2702-3
USN-2712-1
USN-2722-1
http://www.mozilla.org/security/announce/2015/mfsa2015-88.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
https://bugzilla.gnome.org/show_bug.cgi?id=752297
https://bugzilla.mozilla.org/show_bug.cgi?id=1184009
https://bugzilla.redhat.com/show_bug.cgi?id=1252290
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
openSUSE-SU-2015:1389
openSUSE-SU-2015:1390
openSUSE-SU-2015:1453
openSUSE-SU-2015:1454
openSUSE-SU-2015:1500

CPE    8
cpe:/o:oracle:solaris:10
cpe:/o:canonical:ubuntu_linux:15.04
cpe:/o:fedoraproject:fedora:21
cpe:/o:fedoraproject:fedora:22
...
CWE    1
CWE-189
OVAL    29
oval:org.secpod.oval:def:702722
oval:org.secpod.oval:def:702711
oval:org.secpod.oval:def:702714
oval:org.secpod.oval:def:203689
...

© SecPod Technologies