Vulnerability in Gnome Gdk-pixbuf
CVE-2012-2370
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which t…
EPSS: 0.023 (85.0th percentile) — read the EPSS interpretation.
Affected products
- Gnome Gdk-pixbuf — versions 2.23.3, 2.23.4, 2.23.5
- N/a — versions n/a
Weakness classification (CWE)
References
- GLSA-201206-20 (vendor-advisory, x_refsource_GENTOO)
- RHSA-2013:0135 (x_refsource_REDHAT, vendor-advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Patch)
- secalert@redhat.com (Exploit, x_refsource_MISC)
- 49125 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- gdkpixbuf-readbitmapfiledata-bo(75578) (vdb-entry, x_refsource_XF)
- [oss-security] 20120515 Re: CVE Request: gdk-pixbuf Integer overflow in XBM file loader (mailing-list, x_refsource_MLIST)
- secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
- 49715 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 53548 (vdb-entry, x_refsource_BID)