17 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-2862
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can...
RHEL 6 : gdk-pixbuf2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdk-pixbuf2: Integer overflow in tiffimageparse function CVE-2017-2870 - The OneLine32 function in io-ico...
K36984830: Gdk-pixbuf vulnerability CVE-2017-2862
Security Advisory Description An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this...
Huawei EulerOS: Security Advisory for gdk-pixbuf2 (EulerOS-SA-2021-2111)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : gdk-pixbuf2 (EulerOS-SA-2021-2111)
According to the versions of the gdk-pixbuf2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used ...
SUSE: Security Advisory (SUSE-SU-2017:2381-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : gtk2 (SUSE-SU-2018:2470-1)
This update for gtk2 provides the following fixes: These security issues were fixed : - CVE-2017-6312: Prevent integer overflow that allowed context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file bsc1027026...
EulerOS 2.0 SP2 : gdk-pixbuf2 (EulerOS-SA-2018-1046)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially...
EulerOS 2.0 SP1 : gdk-pixbuf2 (EulerOS-SA-2018-1045)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gdk-pixbuf is an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ ...
USN-3418-1: GDK-PixBuf vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could u...
[SECURITY] [DLA 1100-1] gdk-pixbuf security update
Package : gdk-pixbuf Version : 2.26.1-1+deb7u6 CVE ID : CVE-2017-2862 Debian Bug : 874552 Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened. For Debian 7 "Wheezy", these problems...
Ubuntu 14.04 LTS / 16.04 LTS : GDK-PixBuf vulnerabilities (USN-3418-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3418-1 advisory. It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into...
USN-3418-1: GDK-PixBuf vulnerabilities
It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly...
openSUSE Security Update : gdk-pixbuf (openSUSE-2017-1024)
This update for gdk-pixbuf fixes the following issues : - CVE-2017-2862: JPEG gdkpixbufjpegimageloadincrement Code Execution Vulnerability bsc1048289 - CVE-2017-2870: tiffimageparse Code Execution Vulnerability bsc1048544 - CVE-2017-6313: A dangerous integer underflow in io-icns.c bsc1027024 -...
Gdk-Pixbuf JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability(CVE-2017-2862)
Summary An exploitable heap overflow vulnerability exists in the gdkpixbufjpegimageloadincrement functionality of Gdk-Pixbuf 2.36.6. A specially crafted jpeg file can cause a heap overflow resulting in remote code execution. An attacker can send a file or url to trigger this vulnerability. Tested...
openSUSE: Security Advisory for gdk-pixbuf (openSUSE-SU-2017:2393-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2017-2862
CVE-2017-2862 affects Gdk-Pixbuf 2.36.6, with a heap overflow in gdk_pixbuf__jpeg_image_load_increment that can be triggered by a crafted JPEG file (or URL) to achieve remote code execution. Multiple connected documents confirm the vulnerability and provide remediation guidance, including Debian ...