Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
2.13%
Published
2005-11-18
Updated
2018-10-19
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
Max CVSS
7.5
EPSS Score
1.27%
Published
2005-11-18
Updated
2023-08-03
2 vulnerabilities found