CVE-2015-4491
MEDIUM severity · CVSS 6.8 · CWE-189
6.8CVSS MEDIUM
Summary
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)8%
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected products we track (1)
Recommendation
Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.htmlAdvisory
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.htmlAdvisory
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.htmlAdvisory
- http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html