CVEブラウザに戻る

CVE-2017-12447

HIGH

7.8

CVSS Severity Score

EPSS Score0.0550%

EPSS Percentile10.87th

Published2019年3月7日

Last Modified2024年11月21日

Vulnerability Description

GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.

Affected Platforms (CPE)

📦

Gnome

Gdk Pixbuf

= 2.32.2

📦

Gnome

Nautilus

= 3.14.3

References & Advisories

🔗 https://bugzilla.gnome.org/show_bug.cgi?id=785979

🔗 https://github.com/hackerlib/hackerlib-vul/tree/master/gnome

🔗 https://usn.ubuntu.com/3912-1/

🔗 https://bugzilla.gnome.org/show_bug.cgi?id=785979

🔗 https://github.com/hackerlib/hackerlib-vul/tree/master/gnome

🔗 https://usn.ubuntu.com/3912-1/

関連する脆弱性情報

CVE-2011-28979.8

gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw

CVE-2017-10004228.8

Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corrup...

CVE-2021-202408.8

A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a...

CVE-2021-446488.8

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image dat...