gdk-pixbuf - (bulletinjan2017)ID: oval:org.secpod.oval:def:2100457 | Date: (C)2019-12-20 (M)2022-10-10 |
Class: PATCH | Family: unix |
Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image, which triggers a heap-based buffer overflow.
Product: |
library/desktop/gtk2 |
library/desktop/gtk2/gtk-backend-cups |
image/viewer/eog |