CVE-2015-4491

Priority
Description
Integer overflow in the make_filter_table function in pixops/pixops.c in
gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and
Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other
products, allows remote attackers to execute arbitrary code or cause a
denial of service (heap-based buffer overflow and application crash) via
crafted bitmap dimensions that are mishandled during scaling.
Assigned-to
chrisccoulson
Notes
mdeslaurinitial gdk-pixbuf fix was incomplete
Package
Upstream:released (40.0)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [40.0+build4-0ubuntu0.14.04.1])
Package
Upstream:released (38.2.0)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [1:38.2.0+build1-0ubuntu0.14.04.1])
More Information

Updated: 2019-12-05 18:42:05 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)