CVE-2012-2370

EPSS 2.3%

Published: 8/13/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-2370

Description

Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

Affected packages (1)

Debian/gdk-pixbuffrom 0, < 2.26.1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-2370