CVE-2017-6313
CVE-2017-6313
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://mov.sx/2017/02/21/bug-hunting-gdk-pixbuf.htmlhttps://bugzilla.gnome.org/show_bug.cgi?id=779016https://lists.debian.org/debian-lts-announce/2019/12/msg00025.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SJF5ARFOX4BFUK6YCBKGAKBQYECO3AI2/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VSAZ6UCKKXC5VOWXGWQHOX2ZBLLATIOT/https://security.gentoo.org/glsa/201709-08http://www.openwall.com/lists/oss-security/2017/02/21/4http://www.openwall.com/lists/oss-security/2017/02/26/1http://www.securityfocus.com/bid/96779