Integer Overflow in make_filter_table Function in gdk-pixbuf: Remote Code Execution and Denial of Service Vulnerability

Integer Overflow in make_filter_table Function in gdk-pixbuf: Remote Code Execution and Denial of Service Vulnerability

CVE-2015-4491 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.