[3.5] gdk-pixbuf: Heap overflow in the gdk_pixbuf__jpeg_image_load_increment function (CVE-2017-2862)ID: oval:org.secpod.oval:def:1800508 | Date: (C)2018-03-28 (M)2023-12-20 |
Class: PATCH | Family: unix |
An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. Fixed in Gdk-Pixbuf 2.36.7
Platform: |
Alpine Linux 3.5 |