cpe:/a:gnome:gdk-pixbuf:2.31.4 cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ cpe:/o:canonical:ubuntu_linux:15.04 cpe:/o:fedoraproject:fedora:21 cpe:/o:fedoraproject:fedora:22 cpe:/o:novell:opensuse:13.1 cpe:/o:novell:opensuse:13.2 cpe:/o:oracle:solaris:10 cpe:/o:oracle:solaris:11.3 CVE-2015-4491 2015-08-15T21:59:19.143-04:00 2016-12-23T21:59:18.870-05:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2016-10-18T10:57:30.967-04:00 SECTRACK 1033247 SECTRACK 1033372 DEBIAN DSA-3337 FEDORA FEDORA-2015-13925 FEDORA FEDORA-2015-13926 FEDORA FEDORA-2015-14010 FEDORA FEDORA-2015-14011 GENTOO GLSA-201512-05 GENTOO GLSA-201605-06 REDHAT RHSA-2015:1586 REDHAT RHSA-2015:1682 REDHAT RHSA-2015:1694 SUSE SUSE-SU-2015:1449 SUSE SUSE-SU-2015:1528 SUSE SUSE-SU-2015:2081 UBUNTU USN-2702-1 UBUNTU USN-2702-2 UBUNTU USN-2702-3 UBUNTU USN-2712-1 UBUNTU USN-2722-1 CONFIRM http://www.mozilla.org/security/announce/2015/mfsa2015-88.html CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html CONFIRM http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html CONFIRM https://bugzilla.gnome.org/show_bug.cgi?id=752297 CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=1184009 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1252290 CONFIRM https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199 SUSE openSUSE-SU-2015:1389 SUSE openSUSE-SU-2015:1390 SUSE openSUSE-SU-2015:1453 SUSE openSUSE-SU-2015:1454 SUSE openSUSE-SU-2015:1500 Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.