Fluid Attacks Database

Description

Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted BMP file.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel7	pyatspi	<0:2.20.3-1.el7	0:2.20.3-1.el7
debian 14	gdk-pixbuf	>=0 <2.32.0-1	2.32.0-1
debian 12	gdk-pixbuf	>=0 <2.32.0-1	2.32.0-1
rpm rhel7	glib2	<0:2.50.3-3.el7	0:2.50.3-3.el7
debian 13	gdk-pixbuf	>=0 <2.32.0-1	2.32.0-1
debian 11	gdk-pixbuf	>=0 <2.32.0-1	2.32.0-1
rpm rhel7	at-spi2-atk	<0:2.22.0-2.el7	0:2.22.0-2.el7
rpm rhel7	atk	<0:2.22.0-3.el7	0:2.22.0-3.el7
rpm rhel7	cairo	<0:1.14.8-2.el7	0:1.14.8-2.el7
rpm rhel7	gtk3	<0:3.22.10-4.el7	0:3.22.10-4.el7

1-10 of 17

Aliases

1. CVE-2015-75522. NVD-2015-75523. OSV-2015-75524. OSV-DEBIAN-2015-75525. SECURITY-TRACKER-CVE-2015-7552

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.