Numeric Errors

CVE-2012-2370

Medium

5/10

Summary

Multiple integer overflows in the read_bitmap_file_data function in io-xbm.c in gdk-pixbuf before 2.26.1 allow remote attackers to cause a denial of service (application crash) via a negative (1) height or (2) width in an XBM file, which triggers a heap-based buffer overflow.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: PARTIAL

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

Published Aug 13, 2012

Numeric Errors

CVE-2012-2370

Summary

CWE-189 - Numeric Errors

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS