CVE-2013-7447

Published: 31 December 2013

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

Priority

Cvss 3 Severity Score

6.5

Score breakdown

Status

Package	Release	Status
eog Launchpad, Ubuntu, Debian	artful	Released (3.18.1-1ubuntu2)
	bionic	Released (3.18.1-1ubuntu2)
	cosmic	Released (3.18.1-1ubuntu2)
	disco	Released (3.18.1-1ubuntu2)
	eoan	Released (3.18.1-1ubuntu2)
	focal	Released (3.18.1-1ubuntu2)
	groovy	Released (3.18.1-1ubuntu2)
	hirsute	Released (3.18.1-1ubuntu2)
	impish	Released (3.18.1-1ubuntu2)
	jammy	Released (3.18.1-1ubuntu2)
	kinetic	Released (3.18.1-1ubuntu2)
	lunar	Released (3.18.1-1ubuntu2)
	mantic	Released (3.18.1-1ubuntu2)
	precise	Released (3.4.2-0ubuntu1.2)
	trusty	Released (3.10.2-0ubuntu5.1)
	upstream	Needs triage
	wily	Released (3.16.3-1ubuntu2.1)
	xenial	Released (3.18.1-1ubuntu2)
	yakkety	Released (3.18.1-1ubuntu2)
	zesty	Released (3.18.1-1ubuntu2)
eom Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	wily	Ignored (end of life)
	xenial	Not vulnerable
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
	Patches: upstream: https://github.com/mate-desktop/eom/commit/b7849cc5b6e7fd741ef04e334f586266a444ef8a
gambas3 Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Does not exist
	cosmic	Does not exist
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needs triage
	groovy	Ignored (end of life)
	hirsute	Ignored (end of life)
	impish	Ignored (end of life)
	jammy	Needs triage
	kinetic	Ignored (end of life, was needs-triage)
	lunar	Ignored (end of life, was needs-triage)
	mantic	Needs triage
	precise	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	wily	Ignored (end of life)
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
gnome-photos Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	precise	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	wily	Ignored (end of life)
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
gtk+2.0 Launchpad, Ubuntu, Debian	artful	Not vulnerable (2.24.29-1ubuntu2)
	bionic	Not vulnerable (2.24.29-1ubuntu2)
	cosmic	Not vulnerable (2.24.29-1ubuntu2)
	disco	Not vulnerable (2.24.29-1ubuntu2)
	eoan	Not vulnerable (2.24.29-1ubuntu2)
	focal	Not vulnerable (2.24.29-1ubuntu2)
	groovy	Not vulnerable (2.24.29-1ubuntu2)
	hirsute	Not vulnerable (2.24.29-1ubuntu2)
	impish	Not vulnerable (2.24.29-1ubuntu2)
	jammy	Not vulnerable (2.24.29-1ubuntu2)
	kinetic	Not vulnerable (2.24.29-1ubuntu2)
	lunar	Not vulnerable (2.24.29-1ubuntu2)
	mantic	Not vulnerable (2.24.29-1ubuntu2)
	precise	Released (2.24.10-0ubuntu6.3)
	trusty	Released (2.24.23-0ubuntu1.4)
	upstream	Needs triage
	wily	Released (2.24.28-1ubuntu1.1)
	xenial	Not vulnerable (2.24.29-1ubuntu2)
	yakkety	Not vulnerable (2.24.29-1ubuntu2)
	zesty	Not vulnerable (2.24.29-1ubuntu2)
gtk+3.0 Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	precise	Released (3.4.2-0ubuntu0.9)
	trusty	Does not exist (trusty was not-affected [3.10.8-0ubuntu1.6])
	upstream	Released (3.10.7-1)
	wily	Not vulnerable
	xenial	Not vulnerable
	yakkety	Not vulnerable
	zesty	Not vulnerable
	Patches: upstream: https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
pinpoint Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Needed
	cosmic	Ignored (end of life)
	disco	Ignored (end of life)
	eoan	Ignored (end of life)
	focal	Needed
	groovy	Ignored (end of life)
	hirsute	Ignored (end of life)
	impish	Ignored (end of life)
	jammy	Needed
	kinetic	Ignored (end of life, was needed)
	lunar	Ignored (end of life, was needed)
	mantic	Needed
	precise	Ignored (end of life)
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	wily	Ignored (end of life)
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)
thunar Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Not vulnerable
	cosmic	Not vulnerable
	disco	Not vulnerable
	eoan	Not vulnerable
	focal	Not vulnerable
	groovy	Not vulnerable
	hirsute	Not vulnerable
	impish	Not vulnerable
	jammy	Not vulnerable
	kinetic	Not vulnerable
	lunar	Not vulnerable
	mantic	Not vulnerable
	precise	Ignored (end of life)
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	wily	Ignored (end of life)
	xenial	Needed
	yakkety	Ignored (end of life)
	zesty	Ignored (end of life)

Severity score breakdown

Parameter	Value
Base score	6.5
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	Required
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›