QwikSec

Security Database

CVE

CWE

Training

CVE-2015-7673

Published: Oct 26, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=edf6fb8d856574bc3bb3a703037f56533229267c

x_refsource_CONFIRM

[oss-security] 20151001 CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

openSUSE-SU-2016:1467

vendor-advisory

x_refsource_SUSE

http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.32/gdk-pixbuf-2.32.0.news

x_refsource_CONFIRM

openSUSE-SU-2016:0897

vendor-advisory

x_refsource_SUSE

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=19f9685dbff7d1f929c61cf99188df917a18811d

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

[oss-security] 20151002 Re: CVE request: Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

https://git.gnome.org/browse/gdk-pixbuf/commit/?id=6ddca835100107e6b5841ce9d56074f6d98c387e

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.