[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-4491Date: (C)2015-08-18   (M)2024-02-01


Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1033247
SECTRACK-1033372
DSA-3337
FEDORA-2015-13925
FEDORA-2015-13926
FEDORA-2015-14010
FEDORA-2015-14011
GLSA-201512-05
GLSA-201605-06
RHSA-2015:1586
RHSA-2015:1682
RHSA-2015:1694
SUSE-SU-2015:1449
SUSE-SU-2015:1528
SUSE-SU-2015:2081
USN-2702-1
USN-2702-2
USN-2702-3
USN-2712-1
USN-2722-1
http://www.mozilla.org/security/announce/2015/mfsa2015-88.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
https://bugzilla.gnome.org/show_bug.cgi?id=752297
https://bugzilla.mozilla.org/show_bug.cgi?id=1184009
https://bugzilla.redhat.com/show_bug.cgi?id=1252290
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
openSUSE-SU-2015:1389
openSUSE-SU-2015:1390
openSUSE-SU-2015:1453
openSUSE-SU-2015:1454
openSUSE-SU-2015:1500

CPE    14
cpe:/a:mozilla:firefox_esr:38.0
cpe:/o:fedoraproject:fedora:21
cpe:/o:fedoraproject:fedora:22
cpe:/a:mozilla:firefox_esr:38.0.1
...
CWE    1
CWE-189
OVAL    36
oval:org.secpod.oval:def:52550
oval:org.secpod.oval:def:501642
oval:org.secpod.oval:def:26784
oval:org.secpod.oval:def:2102799
...

© SecPod Technologies