CVE-2015-7673

EPSS 2.4%

gdk-pixbuf - security update

Published: 10/26/2015Modified: 4/28/2026

Also known as:DEBIAN-CVE-2015-7673

Description

io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.

Affected packages (3)

Debian/gdk-pixbuffrom 0, < 2.32.0-1
Debian/gdk-pixbuffrom 0, < 2.26.1-1+deb7u2
Debian/gtk+2.0from 0, < 2.21.5-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-7673