oss-sec mailing list archives

CVE Request: gdk-pixbuf Integer overflow in XBM file loader

From: Sean Amoss <ackle () gentoo org>
Date: Tue, 15 May 2012 07:50:14 -0400

Hello,

I have not seen a CVE assigned for this issue yet:

"It's possible to crash any application with memory allocation error, or
potentially corrupt heap because width/height parameters isn't properly
verified."


References:
https://bugs.gentoo.org/show_bug.cgi?id=412033
https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150

Upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=672811

Upstream commit:
http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22


Thanks,
Sean

-- 
Sean Amoss
Gentoo Security | GLSA Coordinator
E-Mail    : ackle () gentoo org
GnuPG ID  : E928357A
GnuPG FP  : E58A AABD DD2D 03AF 0A7A 2F14 1877 72EC E928 357A

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

CVE Request: gdk-pixbuf Integer overflow in XBM file loader Sean Amoss (May 15)
- Re: CVE Request: gdk-pixbuf Integer overflow in XBM file loader Kurt Seifried (May 15)