Denial of Service Vulnerability in GdkPixBuf for GNOME Nautilus by Ubuntu
CVE-2017-12447

7.8HIGH

Key Information:

Vendor

Gnome
Status
Gdk-pixbuf
Nautilus
Vendor
CVE Published:
7 March 2019

What is CVE-2017-12447?

The GdkPixBuf library, utilized by GNOME Nautilus, is susceptible to a denial of service due to stack corruption. Attackers can exploit this vulnerability through specially crafted file folder operations, potentially leading to application instability or other unspecified adverse effects. Users of affected versions should evaluate their exposure and apply relevant patches to mitigate risks.

References

https://bugzilla.gnome.org/show_bug.cgi?id=785979
x_refsource_MISC
https://github.com/hackerlib/hackerlib-vul/tree/master/gnome
x_refsource_MISC
https://usn.ubuntu.com/3912-1/
vendor-advisoryx_refsource_UBUNTU

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.