DebianDEBIAN:DLA-419-1:1FB5B[SECURITY] [DLA 419-1] gtk+2.0 security update
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.033 Low
EPSS
Percentile
91.4%
Package : gtk+2.0
Version : 2.20.1-2+deb6u1
CVE ID : CVE-2013-7447
Debian Bug : 799275
Gtk+2.0, a graphical user interface library, was susceptible to an integer
overflow in its gdk_cairo_set_source_pixbuf function when allocating a
large block of memory.
For Debian 6 "Squeeze", this issue has been fixed in gtk+2.0 version
2.20.1-2+deb6u1. We recommend you to upgrade your gtk+2.0 packages.
Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 8 | amd64 | libgail-dbg | < 2.24.25-3+deb8u1 | libgail-dbg_2.24.25-3+deb8u1_amd64.deb |
| Debian | 8 | amd64 | gir1.2-gtk-2.0 | < 2.24.25-3+deb8u1 | gir1.2-gtk-2.0_2.24.25-3+deb8u1_amd64.deb |
| Debian | 8 | armhf | libgail-dev | < 2.24.25-3+deb8u1 | libgail-dev_2.24.25-3+deb8u1_armhf.deb |
| Debian | 6 | i386 | libgail-common | < 2.20.1-2+deb6u1 | libgail-common_2.20.1-2+deb6u1_i386.deb |
| Debian | 7 | sparc | libgtk-3-0-udeb | < 3.4.2-7+deb7u1 | libgtk-3-0-udeb_3.4.2-7+deb7u1_sparc.deb |
| Debian | 8 | armel | gir1.2-gtk-2.0 | < 2.24.25-3+deb8u1 | gir1.2-gtk-2.0_2.24.25-3+deb8u1_armel.deb |
| Debian | 7 | sparc | libgtk-3-0 | < 3.4.2-7+deb7u1 | libgtk-3-0_3.4.2-7+deb7u1_sparc.deb |
| Debian | 8 | i386 | gir1.2-gtk-2.0 | < 2.24.25-3+deb8u1 | gir1.2-gtk-2.0_2.24.25-3+deb8u1_i386.deb |
| Debian | 8 | s390x | libgtk2.0-0-udeb | < 2.24.25-3+deb8u1 | libgtk2.0-0-udeb_2.24.25-3+deb8u1_s390x.deb |
| Debian | 6 | amd64 | libgtk2.0-0-dbg | < 2.20.1-2+deb6u1 | libgtk2.0-0-dbg_2.20.1-2+deb6u1_amd64.deb |
Related
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.033 Low
EPSS
Percentile
91.4%