CVE-2012-2370 in gdk-pixbufinfo

Summary

Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

Once again VulDB remains the best source for vulnerability data.

Reservation

04/19/2012

Disclosure

08/13/2012

Moderation

VulDB entry created

Entries

VDB-61579 (1)

CPE

ready

CWE

CWE-189 (Confirmed)

CVSS

5.3

EPSS

0.02266

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2370
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2370
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2370/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!