Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2013-7447

Published: Feb 17, 2016 | Modified: Dec 03, 2016
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 LOW
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2013-7447
CWEhttps://cwe.mitre.org/data/definitions/NVD-Other.html

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

Affected Software

Name Vendor Start Version End Version
Ubuntu_linux Canonical 12.04 (including) 12.04 (including)
Ubuntu_linux Canonical 14.04 (including) 14.04 (including)
Ubuntu_linux Canonical 15.10 (including) 15.10 (including)
Eog Ubuntu artful *
Eog Ubuntu bionic *
Eog Ubuntu cosmic *
Eog Ubuntu devel *
Eog Ubuntu disco *
Eog Ubuntu eoan *
Eog Ubuntu focal *
Eog Ubuntu groovy *
Eog Ubuntu hirsute *
Eog Ubuntu impish *
Eog Ubuntu jammy *
Eog Ubuntu kinetic *
Eog Ubuntu lunar *
Eog Ubuntu mantic *
Eog Ubuntu noble *
Eog Ubuntu oracular *
Eog Ubuntu precise *
Eog Ubuntu trusty *
Eog Ubuntu wily *
Eog Ubuntu xenial *
Eog Ubuntu yakkety *
Eog Ubuntu zesty *
Eom Ubuntu artful *
Eom Ubuntu wily *
Eom Ubuntu yakkety *
Eom Ubuntu zesty *
Gambas3 Ubuntu artful *
Gambas3 Ubuntu disco *
Gambas3 Ubuntu eoan *
Gambas3 Ubuntu esm-apps/xenial *
Gambas3 Ubuntu groovy *
Gambas3 Ubuntu hirsute *
Gambas3 Ubuntu impish *
Gambas3 Ubuntu kinetic *
Gambas3 Ubuntu lunar *
Gambas3 Ubuntu mantic *
Gambas3 Ubuntu trusty *
Gambas3 Ubuntu wily *
Gambas3 Ubuntu xenial *
Gambas3 Ubuntu yakkety *
Gambas3 Ubuntu zesty *
Gnome-photos Ubuntu artful *
Gnome-photos Ubuntu esm-apps/xenial *
Gnome-photos Ubuntu trusty *
Gnome-photos Ubuntu wily *
Gnome-photos Ubuntu xenial *
Gnome-photos Ubuntu yakkety *
Gnome-photos Ubuntu zesty *
Gtk+2.0 Ubuntu precise *
Gtk+2.0 Ubuntu trusty *
Gtk+2.0 Ubuntu vivid/stable-phone-overlay *
Gtk+2.0 Ubuntu wily *
Gtk+3.0 Ubuntu precise *
Gtk+3.0 Ubuntu upstream *
Pinpoint Ubuntu artful *
Pinpoint Ubuntu bionic *
Pinpoint Ubuntu cosmic *
Pinpoint Ubuntu devel *
Pinpoint Ubuntu disco *
Pinpoint Ubuntu eoan *
Pinpoint Ubuntu esm-apps/bionic *
Pinpoint Ubuntu esm-apps/focal *
Pinpoint Ubuntu esm-apps/jammy *
Pinpoint Ubuntu esm-apps/noble *
Pinpoint Ubuntu esm-apps/xenial *
Pinpoint Ubuntu focal *
Pinpoint Ubuntu groovy *
Pinpoint Ubuntu hirsute *
Pinpoint Ubuntu impish *
Pinpoint Ubuntu jammy *
Pinpoint Ubuntu kinetic *
Pinpoint Ubuntu lunar *
Pinpoint Ubuntu mantic *
Pinpoint Ubuntu noble *
Pinpoint Ubuntu oracular *
Pinpoint Ubuntu precise *
Pinpoint Ubuntu trusty *
Pinpoint Ubuntu wily *
Pinpoint Ubuntu xenial *
Pinpoint Ubuntu yakkety *
Pinpoint Ubuntu zesty *
Thunar Ubuntu artful *
Thunar Ubuntu esm-apps/xenial *
Thunar Ubuntu precise *
Thunar Ubuntu trusty *
Thunar Ubuntu wily *
Thunar Ubuntu xenial *
Thunar Ubuntu yakkety *
Thunar Ubuntu zesty *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use