High severity7.5NVD Advisory· Published Oct 3, 2016· Updated May 6, 2026
CVE-2016-6352
CVE-2016-6352
Description
The OneLine32 function in io-ico.c in gdk-pixbuf before 2.35.3 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via crafted dimensions in an ICO file.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- www.openwall.com/lists/oss-security/2016/07/13/11nvdExploitRelease Notes
- bugzilla.gnome.org/show_bug.cginvdExploitIssue TrackingThird Party AdvisoryVDB Entry
- git.gnome.org/browse/gdk-pixbuf/commit/nvdExploitVendor Advisory
- lists.opensuse.org/opensuse-updates/2016-09/msg00040.htmlnvdThird Party Advisory
- www.openwall.com/lists/oss-security/2016/07/26/11nvdThird Party Advisory
- www.ubuntu.com/usn/USN-3085-1nvdThird Party Advisory
- git.gnome.org/browse/gdk-pixbuf/tree/NEWSnvdRelease NotesVendor Advisory
- lists.debian.org/debian-lts-announce/2019/12/msg00025.htmlnvd
News mentions
0No linked articles in our index yet.