CVE-2012-2370
PUBLISHED
CVSS 5 MEDIUM
Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.
Risk Scores
- CVSS 2.0: 5
- EPSS Score: 3.10% (87.0th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| gnome | gdk-pixbuf | 0, 2.23.3, 2.23.5 |
Exploit Intelligence
- http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22 (nist-nvd)
- https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150 (nist-nvd)
- GLSA-201206-20 (circl)
- RHSA-2013:0135 (circl)
- http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516 (circl)
- 49125 (circl)
- gdkpixbuf-readbitmapfiledata-bo(75578) (circl)
- [oss-security] 20120515 Re: CVE Request: gdk-pixbuf Integer overflow in XBM file loader (circl)
- 49715 (circl)
- 53548 (circl)
Timeline
- Aug 13, 2012 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 3, 2023 EPSS Score
- Feb 9, 2023 EPSS Score
- Feb 13, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 1, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- GLSA-201206-20 vendor-advisory
- RHSA-2013:0135 vendor-advisory
- http://git.gnome.org/browse/gdk-pixbuf/commit/?id=b1bb3053856aede37d473c92f0e5a10e29f10516 url
- https://bugs.launchpad.net/ubuntu/+source/gdk-pixbuf/+bug/681150 url
- 49125 third-party-advisory
- gdkpixbuf-readbitmapfiledata-bo(75578) vdb
- [oss-security] 20120515 Re: CVE Request: gdk-pixbuf Integer overflow in XBM file loader mailing-list
- http://git.gnome.org/browse/gdk-pixbuf/commit/?id=4f0f465f991cd454d03189497f923eb40c170c22 url
- 49715 third-party-advisory
- 53548 vdb
- [oss-security] 20120515 CVE Request: gdk-pixbuf Integer overflow in XBM file loader mailing-list
- http://git.gnome.org/browse/gdk-pixbuf/ url
- https://nvd.nist.gov/vuln/detail/CVE-2012-2370 advisory
- https://access.redhat.com/errata/RHSA-2013:0135 url
- https://access.redhat.com/security/cve/CVE-2012-2370 url
- https://bugzilla.redhat.com/show_bug.cgi?id=822468 url
- http://git.gnome.org/browse/gdk-pixbuf url