Integer Overflow Vulnerability in gdk-pixbuf on Multiple Platforms
CVE-2015-4491

Currently unrated

Key Information:

Vendor

Gnome
Status
Gdk-pixbuf
Vendor
CVE Published:
16 August 2015

What is CVE-2015-4491?

The vulnerability in gdk-pixbuf's make_filter_table function arises from an integer overflow during the handling of bitmap dimensions. This flaw allows attackers to manipulate crafted bitmap dimensions, leading to a heap-based buffer overflow that can be exploited for remote code execution or to crash the application. It affects various software running on Linux, including notable products like Mozilla Firefox and Google Chrome, highlighting the risk to user systems if they are not promptly patched.

References

http://www.mozilla.org/security/announce/2015/mfsa2015-88...
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.debian.org/security/2015/dsa-3337
vendor-advisoryx_refsource_DEBIAN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.