6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.024 Low
EPSS
Percentile
89.9%
Package : gtk+2.0
Version : 2.20.1-2+deb6u2
CVE ID : CVE-2015-4491 CVE-2015-7673 CVE-2015-7674
Gustavo Grieco discovered different security issues in Gtk+2.0's
gdk-pixbuf.
CVE-2015-4491
Heap overflow when processing BMP images which may allow to execute
of arbitrary code via malformed images.
CVE-2015-7673
Heap overflow when processing TGA images which may allow execute
arbitrary code or denial of service (process crash) via malformed
images.
CVE-2015-7674
Integer overflow when processing GIF images which may allow to
execute arbitrary code or denial of service (process crash) via
malformed image.
For Debian 6 "Squeeze", these issues have been fixed in gtk+2.0 version
2.20.1-2+deb6u2. We recommend you to upgrade your gtk+2.0 packages.
Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | libgtk2.0-0-udeb | < 2.20.1-2+deb6u2 | libgtk2.0-0-udeb_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgtk2.0-0-dbg | < 2.20.1-2+deb6u2 | libgtk2.0-0-dbg_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgail18 | < 2.20.1-2+deb6u2 | libgail18_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgtk2.0-bin | < 2.20.1-2+deb6u2 | libgtk2.0-bin_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgtk2.0-common | < 2.20.1-2+deb6u2 | libgtk2.0-common_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | gtk2-engines-pixbuf | < 2.20.1-2+deb6u2 | gtk2-engines-pixbuf_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgtk2.0-doc | < 2.20.1-2+deb6u2 | libgtk2.0-doc_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgtk2.0-0 | < 2.20.1-2+deb6u2 | libgtk2.0-0_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | libgail-doc | < 2.20.1-2+deb6u2 | libgail-doc_2.20.1-2+deb6u2_all.deb |
Debian | 6 | all | gtk+2.0 | < 2.20.1-2+deb6u2 | gtk+2.0_2.20.1-2+deb6u2_all.deb |