oss-sec mailing list archives

CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1

From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Thu, 1 Oct 2015 10:03:33 -0300

Hello,

We found a heap overflow in the gdk-pixbuf implementation triggered by the
scaling of gif file.These issues are only fixed in the recent release of
gdk-pixbuf 2.32.1 but affects older versions (we tested it in a fully
updated Ubuntu 14.04).

These issues were found using QuickFuzz.

Regards,
Gustavo.

Current thread:

CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 01)
  - Re: Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Yann Droneaud (Oct 05)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 cve-assign (Oct 02)
- Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Andreas Stieger (Oct 05)
  - Re: CVE request: Heap overflow with a gif file in gdk-pixbuf < 2.32.1 Gustavo Grieco (Oct 05)