CVE-2015-4491

gdk-pixbuf < 2.31.5 - Remote Code Execution via Integer Overflow in make_filter_table

Title source: llm
STIX 2.1

Description

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

References (32)

Core 32
Core References
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3337
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-09/msg00002.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2712-1
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2702-3
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1682.html
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1586.html
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1252290
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2722-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033247
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2702-2
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1694.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2702-1
Issue Tracking x_refsource_confirm
https://bugzilla.gnome.org/show_bug.cgi?id=752297
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1184009
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201605-06
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033372
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201512-05
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

Scores

EPSS 0.0369
EPSS Percentile 88.1%

Details

CWE
CWE-189
Status published
Products (10)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 15.04
fedoraproject/fedora 21
fedoraproject/fedora 22
gnome/gdk-pixbuf < 2.31.4
opensuse/opensuse 13.1
opensuse/opensuse 13.2
oracle/solaris 10
oracle/solaris 11.3
Published Aug 16, 2015
Tracked Since Feb 18, 2026