An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability.
References
Link | Resource |
---|---|
http://www.debian.org/security/2017/dsa-3978 | Third Party Advisory |
http://www.securityfocus.com/bid/100541 | Broken Link |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0366 | Exploit Technical Description Third Party Advisory |
Configurations
History
07 Jun 2022, 17:39
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | |
References | (DEBIAN) http://www.debian.org/security/2017/dsa-3978 - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/100541 - Broken Link | |
CWE | CWE-787 |
Information
Published : 2017-09-05 18:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-2862
Mitre link : CVE-2017-2862
CVE.ORG link : CVE-2017-2862
JSON object : View
Products Affected
gnome
- gdk-pixbuf
debian
- debian_linux
CWE
CWE-787
Out-of-bounds Write