VDB

GCVE-110-MAGEIA-2018-16

GCVE-110-MAGEIA-2018-16
Advisory Published
Vulnetix · Advisory published January 1, 2018
JPEG gdk_pixbuf__jpeg_image_load_increment Code Execution Vulnerability (CVE-2017-2862). tiff_image_parse Code Execution Vulnerability (CVE-2017-2870). Ariel Zelivansky discovered that the GDK-PixBuf library did not properly handle printing certain error messages. If an user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service (CVE-2017-6311). Out-of-bounds read on io-ico.c (CVE-2017-6312). A dangerous integer underflow in io-icns.c (CVE-2017-6313). Infinite loop in io-tiff.c (CVE-2017-6314). Note, the CVE-2017-2862, CVE-2017-2870, and CVE-2017-6311 issues only affected Mageia 5.

Affected Products

VendorProductVersionsPlatforms
Mageiagdk-pixbuf2.02.36.10-1.1.mga6 (unaffected), 2.36.10-1.1.mga6 (unaffected), 0 (affected), 0 (affected)
Mageiagdk-pixbuf2.00 (affected), 2.32.3-1.1.mga5 (unaffected), 2.32.3-1.1.mga5 (unaffected), 0 (affected)
Mageiapurple-facebook0 (affected), 0.9.5-1.mga6 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›