Home

CVE-2012-4433

Description

Multiple integer overflows in operations/external/ppm-load.c in GEGL (Generic Graphics Library) 0.2.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large (1) width or (2) height value in a Portable Pixel Map (ppm) image, which triggers a heap-based buffer overflow.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
12.268

Associated Vulnerability

VulnerabilityOS Platform
(RHSA-2012:1455) Moderate: gegl security update gegl-0.1.2-4.el6_3.i686.rpmLinux
(RHSA-2012:1455) Moderate: gegl security update gegl-0.1.2-4.el6_3.x86_64.rpmLinux
(RHSA-2012:1455) Moderate: gegl security update gegl-devel-0.1.2-4.el6_3.i686.rpmLinux
(RHSA-2012:1455) Moderate: gegl security update gegl-devel-0.1.2-4.el6_3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) gegl-0_2-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) gegl-0_2-debuginfo-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) gegl-0_2-lang-0.2.0-14.3.noarch.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) gegl-debuginfo-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) gegl-debugsource-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgegl-0_2-0-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0694-1(SUSE Linux Enterprise Desktop 12-SP2 ) libgegl-0_2-0-debuginfo-0.2.0-14.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) gegl-0_2-0.2.0-10.3.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) gegl-0_2-debuginfo-0.2.0-10.3.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) gegl-0_2-lang-0.2.0-10.3.3.noarch.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) gegl-debuginfo-0.2.0-10.3.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) gegl-debugsource-0.2.0-10.3.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgegl-0_2-0-0.2.0-10.3.3.x86_64.rpmLinux
SUSE-SU-2017:0696-1(SUSE Linux Enterprise Desktop 12-SP1 ) libgegl-0_2-0-debuginfo-0.2.0-10.3.3.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234