UBUNTU-CVE-2013-7447

Source
https://ubuntu.com/security/CVE-2013-7447
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-7447.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2013-7447
Related
Published
2013-12-31T00:00:00Z
Modified
2024-10-15T14:05:46Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Summary
[none]
Details

Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.

References

Affected packages

Ubuntu:14.04:LTS / eog

Package

Name
eog
Purl
pkg:deb/ubuntu/eog?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.10.2-0ubuntu5.1

Affected versions

3.*

3.8.2-1ubuntu1
3.10.1-1ubuntu1
3.10.2-0ubuntu1
3.10.2-0ubuntu2
3.10.2-0ubuntu3
3.10.2-0ubuntu4
3.10.2-0ubuntu5

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "3.10.2-0ubuntu5.1",
            "binary_name": "eog"
        },
        {
            "binary_version": "3.10.2-0ubuntu5.1",
            "binary_name": "eog-dbg"
        },
        {
            "binary_version": "3.10.2-0ubuntu5.1",
            "binary_name": "eog-dbgsym"
        },
        {
            "binary_version": "3.10.2-0ubuntu5.1",
            "binary_name": "eog-dev"
        }
    ]
}

Ubuntu:14.04:LTS / gtk+2.0

Package

Name
gtk+2.0
Purl
pkg:deb/ubuntu/gtk+2.0?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.24.23-0ubuntu1.4

Affected versions

2.*

2.24.20-1ubuntu1
2.24.21-1ubuntu1
2.24.22-1ubuntu1
2.24.22-1ubuntu2
2.24.23-0ubuntu1
2.24.23-0ubuntu1.1
2.24.23-0ubuntu1.2
2.24.23-0ubuntu1.3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gir1.2-gtk-2.0"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gir1.2-gtk-2.0-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gtk2-engines-pixbuf"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gtk2-engines-pixbuf-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gtk2.0-examples"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "gtk2.0-examples-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-common"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-common-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-dbg"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-dev"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-dev-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail-doc"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail18"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgail18-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-0"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-0-dbg"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-0-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-0-udeb"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-0-udeb-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-bin"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-bin-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-common"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-dev"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-dev-dbgsym"
        },
        {
            "binary_version": "2.24.23-0ubuntu1.4",
            "binary_name": "libgtk2.0-doc"
        }
    ]
}

Ubuntu:14.04:LTS / gtk+3.0

Package

Name
gtk+3.0
Purl
pkg:deb/ubuntu/gtk+3.0?arch=src?distro=trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.10.8-0ubuntu1.6

Affected versions

3.*

3.8.4-0ubuntu3
3.8.6-0ubuntu2
3.8.6-0ubuntu4
3.8.7-0ubuntu1
3.10.6-0ubuntu2
3.10.6-0ubuntu3
3.10.7-0ubuntu1
3.10.7-0ubuntu2
3.10.7-0ubuntu3
3.10.7-0ubuntu4
3.10.7-0ubuntu5
3.10.8-0ubuntu1
3.10.8-0ubuntu1.1
3.10.8-0ubuntu1.2
3.10.8-0ubuntu1.3
3.10.8-0ubuntu1.4
3.10.8-0ubuntu1.5

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "gir1.2-gtk-3.0"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "gir1.2-gtk-3.0-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "gtk-3-examples"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "gtk-3-examples-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-0"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-0-dbg"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-0-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-dev"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-dev-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgail-3-doc"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-0"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-0-dbg"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-0-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-0-udeb"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-0-udeb-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-bin"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-bin-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-common"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-dev"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-dev-dbgsym"
        },
        {
            "binary_version": "3.10.8-0ubuntu1.6",
            "binary_name": "libgtk-3-doc"
        }
    ]
}

Ubuntu:16.04:LTS / eog

Package

Name
eog
Purl
pkg:deb/ubuntu/eog?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.18.1-1ubuntu2

Affected versions

3.*

3.16.3-1ubuntu2
3.18.0-0ubuntu1
3.18.0-1ubuntu1
3.18.0-1ubuntu2
3.18.1-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "3.18.1-1ubuntu2",
            "binary_name": "eog"
        },
        {
            "binary_version": "3.18.1-1ubuntu2",
            "binary_name": "eog-dbg"
        },
        {
            "binary_version": "3.18.1-1ubuntu2",
            "binary_name": "eog-dbgsym"
        },
        {
            "binary_version": "3.18.1-1ubuntu2",
            "binary_name": "eog-dev"
        }
    ]
}

Ubuntu:16.04:LTS / gtk+2.0

Package

Name
gtk+2.0
Purl
pkg:deb/ubuntu/gtk+2.0?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.24.29-1ubuntu2

Affected versions

2.*

2.24.28-1ubuntu1
2.24.29-1ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gir1.2-gtk-2.0"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gir1.2-gtk-2.0-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gtk2-engines-pixbuf"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gtk2-engines-pixbuf-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gtk2.0-examples"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "gtk2.0-examples-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-common"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-common-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-dbg"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-dev"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-dev-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail-doc"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail18"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgail18-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-0"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-0-dbg"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-0-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-0-udeb"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-0-udeb-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-bin"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-bin-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-common"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-dev"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-dev-dbgsym"
        },
        {
            "binary_version": "2.24.29-1ubuntu2",
            "binary_name": "libgtk2.0-doc"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / gambas3

Package

Name
gambas3
Purl
pkg:deb/ubuntu/gambas3?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.5.4-2ubuntu5
3.5.4-2ubuntu7
3.5.4-2ubuntu11
3.8.4-2ubuntu1
3.8.4-2ubuntu2
3.8.4-2ubuntu3
3.8.4-2ubuntu3.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / gnome-photos

Package

Name
gnome-photos
Purl
pkg:deb/ubuntu/gnome-photos?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.16.2-1
3.18.1-1
3.18.1-1build1
3.18.2-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.6-1
1:0.1.8-1ubuntu2
1:0.1.8-2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / thunar

Package

Name
thunar
Purl
pkg:deb/ubuntu/thunar?arch=src?distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1.*

1.6.10-1
1.6.10-2
1.6.10-2ubuntu1
1.6.11-0ubuntu0.16.04.1
1.6.11-0ubuntu0.16.04.2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.8-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / gambas3

Package

Name
gambas3
Purl
pkg:deb/ubuntu/gambas3?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.13.0-1ubuntu2
3.14.3-1
3.14.3-1build1
3.14.3-1ubuntu1
3.14.3-2ubuntu1
3.14.3-2ubuntu3
3.14.3-2ubuntu3.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.8-4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / gambas3

Package

Name
gambas3
Purl
pkg:deb/ubuntu/gambas3?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.16.2-3build1
3.16.3-2
3.16.3-2build1
3.16.3-3

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.8-4
1:0.1.8-5

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / gambas3

Package

Name
gambas3
Purl
pkg:deb/ubuntu/gambas3?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.19.0-2ubuntu10
3.19.1-1ubuntu3
3.19.3-1ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.8-6build2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / gambas3

Package

Name
gambas3
Purl
pkg:deb/ubuntu/gambas3?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

3.*

3.18.3-1ubuntu1
3.18.3-1ubuntu2
3.18.4-3ubuntu1
3.19.0-2ubuntu1
3.19.0-2ubuntu9
3.19.0-2ubuntu10

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / pinpoint

Package

Name
pinpoint
Purl
pkg:deb/ubuntu/pinpoint?arch=src?distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

1:0.*

1:0.1.8-6
1:0.1.8-6build1
1:0.1.8-6build2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}