CVE-2016-6352 log
| Source |
|
| Severity | Critical |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | An out-of-bounds write has been discovered in the OneLine32() function while parsing an ico file. A maliciously crafted file can cause the application to crash or possibly execute arbitrary code. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-1 | lib32-gdk-pixbuf2 | 2.34.0-1 | 2.36.0+2+ga7c869a-1 | Critical | Fixed | |
| AVG-2 | gdk-pixbuf2 | 2.34.0-2 | 2.36.0+2+ga7c869a-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 03 Nov 2016 | ASA-201611-12 | AVG-1 | lib32-gdk-pixbuf2 | Critical | arbitrary code execution |
| 13 Oct 2016 | ASA-201610-9 | AVG-2 | gdk-pixbuf2 | Critical | arbitrary code execution |
| References |
|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1349751 https://git.gnome.org/browse/gdk-pixbuf/commit/?id=88af50a864195da1a4f7bda5f02539704fbda599 |