VYPR

Gdkpixbuf

by GNOME Foundation

CVEs (29)

  • CVE-2015-7673Oct 26, 2015
    risk 0.00cvss epss 0.05

    io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.

  • CVE-2012-2370Aug 13, 2012
    risk 0.00cvss epss 0.04

    Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

  • CVE-2011-2485Jul 3, 2012
    risk 0.00cvss epss 0.03

    The gdk_pixbuf__gif_image_load function in gdk-pixbuf/io-gif.c in gdk-pixbuf before 2.23.5 does not properly handle certain return values, which allows remote attackers to cause a denial of service (memory consumption) via a crafted GIF image file.

  • CVE-2005-3186Nov 18, 2005
    risk 0.00cvss epss 0.05

    Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.

  • CVE-2005-2975Nov 18, 2005
    risk 0.00cvss epss 0.03

    io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.

  • CVE-2005-2976Nov 18, 2005
    risk 0.00cvss epss 0.04

    Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.

  • CVE-2004-0788Oct 20, 2004
    risk 0.00cvss epss 0.06

    Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.

  • CVE-2004-0753Oct 20, 2004
    risk 0.00cvss epss 0.06

    The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.

  • CVE-2004-0111Apr 15, 2004
    risk 0.00cvss epss 0.02

    gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.

Page 2 of 2