FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gdk-pixbuf -- multiple vulnerabilities

Affected packages
		gtk-pixbuf2	<	2.36.7

Details

VuXML ID	5a1f1a86-8f4c-11e7-b5af-a4badb2f4699
Discovery	2017-08-30
Entry	2017-09-01

TALOS reports:

An exploitable integer overflow vulnerability exists in the tiff_image_parse functionality.

An exploitable heap-overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality.

[source]

References

CVE Name	CVE-2017-2862
CVE Name	CVE-2017-2870
URL	http://blog.talosintelligence.com/2017/08/vuln-spotlight-multiple-gdk.html

	
		OSZAR »