Lucene search
UbuntuUSN-2722-1HistoryAug 26, 2015 - 12:00 a.m.
GDK-PixBuf vulnerability
2015-08-2600:00:00
ubuntu.com
54
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.013
Percentile
85.8%
Releases
- Ubuntu 15.04
- Ubuntu 14.04 ESM
- Ubuntu 12.04
Packages
- gdk-pixbuf - GDK Pixbuf library
Details
Gustavo Grieco discovered that GDK-PixBuf incorrectly handled scaling
bitmap images. If a user or automated system were tricked into opening a
BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-0 | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | gir1.2-gdkpixbuf-2.0 | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | gir1.2-gdkpixbuf-2.0-dbgsym | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-0-dbg | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-0-dbgsym | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-0-udeb | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-0-udeb-dbgsym | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-common | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-dev | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| Ubuntu | 15.04 | noarch | libgdk-pixbuf2.0-dev-dbgsym | < 2.31.3-1ubuntu0.1 | UNKNOWN |
References
Related
securityvulns
securityvulns
gdk-pixbuf buffer overflow
2015-08-24 00:00:00
[USN-2722-1] GDK-PixBuf vulnerability
2015-10-25 00:00:00
[SECURITY] [DSA 3337-1] gdk-pixbuf security update
2015-08-24 00:00:00
suse
suse
Security update for gdk-pixbuf (moderate)
2018-08-10 03:10:27
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-10 17:10:07
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-02 12:10:07
debiancve
debiancve
CVE-2015-4491
2015-08-16 01:59:19
nessus
nessus
Fedora 22 : mingw-gdk-pixbuf-2.31.6-1.fc22 (2015-14011)
2015-09-08 00:00:00
SUSE SLED12 / SLES12 Security Update : gdk-pixbuf (SUSE-SU-2018:2145-1)
2018-08-02 00:00:00
Fedora 21 : mingw-gdk-pixbuf-2.31.6-1.fc21 (2015-14010)
2015-09-08 00:00:00
ubuntucve
ubuntucve
CVE-2015-4491
2015-08-11 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2015-1694)
2015-10-06 00:00:00
Fedora Update for gdk-pixbuf2 FEDORA-2015-13925
2015-09-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2145-1)
2021-04-19 00:00:00
f5
f5
K76434343 : gdk-pixbuf vulnerability CVE-2015-4491
2017-09-13 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-gdk-pixbuf-2.31.6-1.fc22
2015-09-06 04:55:25
[SECURITY] Fedora 21 Update: gdk-pixbuf2-2.31.6-1.fc21
2015-09-06 06:24:59
[SECURITY] Fedora 22 Update: gdk-pixbuf2-2.31.6-1.fc22
2015-09-06 04:55:38
oraclelinux
oraclelinux
gdk-pixbuf2 security update
2015-08-31 00:00:00
thunderbird security update
2015-08-25 00:00:00
firefox security update
2015-08-11 00:00:00
debian
debian
[SECURITY] [DSA 3337-2] gdk-pixbuf security update
2015-12-17 05:40:28
[SECURITY] [DSA 3337-1] gdk-pixbuf security update
2015-08-18 13:37:18
[SECURITY] [DSA 3337-2] gdk-pixbuf security update
2015-12-17 05:40:28
ibm
ibm
mageia
mageia
Updated gdk-pixbuf2.0 package fixes security vulnerability
2015-08-13 23:56:40
Updated thunderbird packages fix security vulnerabilities
2015-08-27 23:49:46
Updated firefox packages fixes security vulnerabilities
2015-08-11 23:22:53
prion
prion
Integer overflow
2015-08-16 01:59:00
cvelist
cvelist
CVE-2015-4491
2015-08-16 01:00:00
mozilla
mozilla
Heap overflow in gdk-pixbuf when scaling bitmap images — Mozilla
2015-08-11 00:00:00
freebsd
freebsd
gdk-pixbuf2 -- heap overflow and DoS
2015-07-12 00:00:00
mozilla -- multiple vulnerabilities
2015-08-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:34
Denial Of Service (DoS)
2019-05-02 05:18:07
Denial Of Service (DoS)
2019-05-02 05:18:06
centos
centos
gdk security update
2015-08-31 16:41:33
thunderbird security update
2015-08-25 22:25:27
firefox security update
2015-08-11 20:36:44
redhat
redhat
(RHSA-2015:1694) Moderate: gdk-pixbuf2 security update
2015-08-31 00:00:00
(RHSA-2015:1682) Important: thunderbird security update
2015-08-25 00:00:00
(RHSA-2015:1586) Critical: firefox security update
2015-08-11 00:00:00
slackware
slackware
[slackware-security] gdk-pixbuf2
2015-09-01 23:35:52
nvd
nvd
CVE-2015-4491
2015-08-16 01:59:19
cve
cve
CVE-2015-4491
2015-08-16 01:59:19
gentoo
gentoo
gdk-pixbuf: Multiple Vulnerabilities
2015-12-21 00:00:00
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
osv
osv
gtk+2.0 - security update
2016-02-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-08-25 00:00:00
Firefox regression
2015-08-20 00:00:00
Ubufox update
2015-08-11 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-08-12 00:00:00
kaspersky
kaspersky
KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-08-11 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
8.3
Confidence
Low
EPSS
0.013
Percentile
85.8%
Related for USN-2722-1