gnome gdk-pixbuf CVE-2017-2862 in GNOME and Debian Products
Published on September 5, 2017

An exploitable heap overflow vulnerability exists in the gdk_pixbuf__jpeg_image_load_increment functionality of Gdk-Pixbuf 2.36.6. A specially crafted JPEG file can cause a heap overflow resulting in remote code execution. An attacker can send a file or URL to trigger this vulnerability.

Products Associated with CVE-2017-2862

GNOME Gdk Pixbuf and Debian Linux.

Affected Versions

GNOME Gdk-Pixbuf version 2.36.6, commit: aba8d88798dfc2f3856ea0ddda14b06174bbb2bc, libjpeg-turbo 1.5.2, is affected by CVE-2017-2862.

Exploit Probability

EPSS: 5.69%
Percentile: 90.32%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.