CVE-2016-6855
Published: 23 August 2016
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
Priority
CVSS 3 base score: 7.5
Status
Package | Release | Status |
---|---|---|
eog Launchpad, Ubuntu, Debian |
upstream |
Released
(3.20.4-1)
|
precise |
Released
(3.4.2-0ubuntu1.3)
|
|
trusty |
Does not exist
(trusty was released [3.10.2-0ubuntu5.2])
|
|
xenial |
Released
(3.18.2-1ubuntu2.1)
|
|
Patches: upstream: https://git.gnome.org/browse/eog/commit/?id=e99a8c00f959652fe7c10e2fa5a3a7a5c25e6af4 |