Lucene search
Ubuntu.comUB:CVE-2015-4491HistoryAug 11, 2015 - 12:00 a.m.
CVE-2015-4491
2015-08-1100:00:00
ubuntu.com
ubuntu.com
13
0.013 Low
EPSS
Percentile
85.7%
Integer overflow in the make_filter_table function in pixops/pixops.c in
gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and
Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other
products, allows remote attackers to execute arbitrary code or cause a
denial of service (heap-based buffer overflow and application crash) via
crafted bitmap dimensions that are mishandled during scaling.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | initial gdk-pixbuf fix was incomplete |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 12.04 | noarch | firefox | < 40.0+build4-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | firefox | < 40.0+build4-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 15.04 | noarch | firefox | < 40.0+build4-0ubuntu0.15.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | gdk-pixbuf | < 2.26.1-1ubuntu1.2 | UNKNOWN |
| ubuntu | 14.04 | noarch | gdk-pixbuf | < 2.30.7-0ubuntu1.1 | UNKNOWN |
| ubuntu | 15.04 | noarch | gdk-pixbuf | < 2.31.3-1ubuntu0.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | thunderbird | < 1:38.2.0+build1-0ubuntu0.12.04.2 | UNKNOWN |
| ubuntu | 14.04 | noarch | thunderbird | < 1:38.2.0+build1-0ubuntu0.14.04.1 | UNKNOWN |
| ubuntu | 15.04 | noarch | thunderbird | < 1:38.2.0+build1-0ubuntu0.15.04.1 | UNKNOWN |
References
launchpad.net/bugs/cve/CVE-2015-4491
nvd.nist.gov/vuln/detail/CVE-2015-4491
security-tracker.debian.org/tracker/CVE-2015-4491
ubuntu.com/security/notices/USN-2702-1
ubuntu.com/security/notices/USN-2712-1
ubuntu.com/security/notices/USN-2722-1
www.cve.org/CVERecord?id=CVE-2015-4491
www.mozilla.org/en-US/security/advisories/mfsa2015-88/
Related
nessus
nessus
Ubuntu 14.04 LTS : GDK-PixBuf vulnerability (USN-2722-1)
2015-08-27 00:00:00
RHEL 6 / 7 : gdk-pixbuf2 (RHSA-2015:1694)
2015-09-01 00:00:00
openSUSE Security Update : gdk-pixbuf (openSUSE-2015-570)
2015-09-08 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 21 Update: gdk-pixbuf2-2.31.6-1.fc21
2015-09-06 06:24:59
[SECURITY] Fedora 22 Update: mingw-gdk-pixbuf-2.31.6-1.fc22
2015-09-06 04:55:25
[SECURITY] Fedora 21 Update: mingw-gdk-pixbuf-2.31.6-1.fc21
2015-09-06 06:24:47
prion
prion
Integer overflow
2015-08-16 01:59:00
debian
debian
[SECURITY] [DSA 3337-2] gdk-pixbuf security update
2015-12-17 05:40:46
[SECURITY] [DSA 3337-1] gdk-pixbuf security update
2015-08-18 13:37:38
[SECURITY] [DSA 3337-2] gdk-pixbuf security update
2015-12-17 05:40:28
cvelist
cvelist
CVE-2015-4491
2015-08-16 01:00:00
mageia
mageia
Updated gdk-pixbuf2.0 package fixes security vulnerability
2015-08-13 23:56:40
Updated thunderbird packages fix security vulnerabilities
2015-08-27 23:49:46
Updated firefox packages fixes security vulnerabilities
2015-08-11 23:22:53
openvas
openvas
openSUSE: Security Advisory for gdk-pixbuf (openSUSE-SU-2018:2287-1)
2018-08-10 00:00:00
Mozilla Firefox Security Advisory (MFSA2015-88) - Linux
2021-11-11 00:00:00
Ubuntu: Security Advisory (USN-2722-1)
2015-08-27 00:00:00
mozilla
mozilla
Heap overflow in gdk-pixbuf when scaling bitmap images — Mozilla
2015-08-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:07:34
Denial Of Service (DoS)
2019-05-02 05:18:06
Denial Of Service (DoS)
2019-05-02 05:18:07
centos
centos
gdk security update
2015-08-31 16:41:33
thunderbird security update
2015-08-25 22:25:27
firefox security update
2015-08-11 20:36:44
securityvulns
securityvulns
gdk-pixbuf buffer overflow
2015-08-24 00:00:00
[USN-2722-1] GDK-PixBuf vulnerability
2015-10-25 00:00:00
[SECURITY] [DSA 3337-1] gdk-pixbuf security update
2015-08-24 00:00:00
oraclelinux
oraclelinux
gdk-pixbuf2 security update
2015-08-31 00:00:00
thunderbird security update
2015-08-25 00:00:00
firefox security update
2015-08-11 00:00:00
f5
f5
K76434343 : gdk-pixbuf vulnerability CVE-2015-4491
2017-09-13 00:00:00
suse
suse
Security update for gdk-pixbuf (moderate)
2018-08-10 03:10:27
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-10 17:10:07
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-02 12:10:07
debiancve
debiancve
CVE-2015-4491
2015-08-16 01:59:00
ubuntu
ubuntu
GDK-PixBuf vulnerability
2015-08-26 00:00:00
Thunderbird vulnerabilities
2015-08-25 00:00:00
Ubufox update
2015-08-11 00:00:00
freebsd
freebsd
gdk-pixbuf2 -- heap overflow and DoS
2015-07-12 00:00:00
mozilla -- multiple vulnerabilities
2015-08-11 00:00:00
redhat
redhat
(RHSA-2015:1694) Moderate: gdk-pixbuf2 security update
2015-08-31 00:00:00
(RHSA-2015:1682) Important: thunderbird security update
2015-08-25 00:00:00
(RHSA-2015:1586) Critical: firefox security update
2015-08-11 00:00:00
cve
cve
CVE-2015-4491
2015-08-16 01:59:00
slackware
slackware
[slackware-security] gdk-pixbuf2
2015-09-01 23:35:52
osv
osv
gtk+2.0 - security update
2016-02-27 00:00:00
gentoo
gentoo
gdk-pixbuf: Multiple Vulnerabilities
2015-12-21 00:00:00
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
kaspersky
kaspersky
KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-08-11 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-08-12 00:00:00