An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality of Gdk-Pixbuf 2.36.6 when compiled with Clang. A specially crafted tiff file can cause a heap-overflow resulting in remote code execution. An attacker can send a file or a URL to trigger this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 8.0 | |
gdk-pixbuf | eq | 2.36.6 |