QwikSec

Security Database

CVE

CWE

Training

CVE-2015-4491

Published: Aug 16, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.mozilla.org/security/announce/2015/mfsa2015-88.html

x_refsource_CONFIRM

FEDORA-2015-14011

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2015:1500

vendor-advisory

x_refsource_SUSE

SUSE-SU-2015:2081

vendor-advisory

x_refsource_SUSE

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2015:1454

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2015:1389

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2015:1453

vendor-advisory

x_refsource_SUSE

FEDORA-2015-13926

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1252290

x_refsource_CONFIRM

FEDORA-2015-13925

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

SUSE-SU-2015:1528

vendor-advisory

x_refsource_SUSE

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_UBUNTU

https://bugzilla.gnome.org/show_bug.cgi?id=752297

x_refsource_CONFIRM

https://bugzilla.mozilla.org/show_bug.cgi?id=1184009

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

FEDORA-2015-14010

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2015:1449

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2015:1390

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.