CVE-2015-4491

Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.

Published: 2015-08-15 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2015-4491 is rated Moderate Risk (64.9/100): CVSS Medium severity, with high exploitation likelihood (EPSS 8.40%, 94th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. EPSS rose +4.71% over the last day, indicating growing attacker interest. Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2015-4491

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 3.69% 8.40% +4.71%
2 2026-05-13 4.30% 3.69% -0.60%
3 2025-12-28 4.30%

Full EPSS history (20 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2015-4491

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
6.8 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
8.6 6.4 [email protected]

Weakness enumeration for CVE-2015-4491

OS Trackers for CVE-2015-4491

vendor priority summary link
debian not yet assigned CVE-2015-4491 not yet assigned priority: Debian including 2 source packages (gdk-pixbuf, gtk+2.0), 10 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 10. https://security-tracker.debian.org/tracker/CVE-2015-4491
gentoo normal CVE-2015-4491: 2 GLSA(s) (201512-05, 201605-06), 7 atom(s) (dev-libs/nspr, dev-libs/nss, …); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2015-4491
redhat high https://access.redhat.com/security/cve/CVE-2015-4491
suse medium CVE-2015-4491 severity moderate: SUSE including 515 source package names (MozillaFirefox-102.11.0-150200.152.87.1, MozillaFirefox-115.10.0-150200.152.134.1, …), 960 product×package rows across 103 product lines (HPE Helion OpenStack 8, Image SLES12-SP5-Azure-BYOS, … (103 product lines)): Fixed 628, Known Affected 231, Known Not Affected 101. https://www.suse.com/security/cve/CVE-2015-4491/
ubuntu medium CVE-2015-4491 medium priority: Ubuntu including 3 source packages (firefox, gdk-pixbuf, thunderbird), 12 status rows across 4 suites (precise, trusty, upstream, vivid): released 11, needed 1. https://ubuntu.com/security/CVE-2015-4491

Affected software / configurations for CVE-2015-4491

Vendor Product Version Raw CPE
gnome gdk-pixbuf <= 2.31.4 cpe:2.3:a:gnome:gdk-pixbuf:*:*:*:*:*:*:*:*
oracle solaris 10 cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*
oracle solaris 11.3 cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
canonical ubuntu_linux 12.04 cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 15.04 cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
fedoraproject fedora 21 cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
fedoraproject fedora 22 cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
opensuse opensuse 13.1 cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuse opensuse 13.2 cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

References for CVE-2015-4491

URL Tags
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165701.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165703.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165730.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165732.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
http://lists.opensuse.org/opensuse-updates/2015-09/msg00002.html
http://rhn.redhat.com/errata/RHSA-2015-1586.html
http://rhn.redhat.com/errata/RHSA-2015-1682.html
http://rhn.redhat.com/errata/RHSA-2015-1694.html
http://www.debian.org/security/2015/dsa-3337
http://www.mozilla.org/security/announce/2015/mfsa2015-88.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html Third Party Advisory
http://www.securitytracker.com/id/1033247
http://www.securitytracker.com/id/1033372
http://www.ubuntu.com/usn/USN-2702-1 Third Party Advisory
http://www.ubuntu.com/usn/USN-2702-2 Third Party Advisory
http://www.ubuntu.com/usn/USN-2702-3
http://www.ubuntu.com/usn/USN-2712-1
http://www.ubuntu.com/usn/USN-2722-1
https://bugzilla.gnome.org/show_bug.cgi?id=752297 Issue Tracking
https://bugzilla.mozilla.org/show_bug.cgi?id=1184009 Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=1252290 Issue Tracking
https://git.gnome.org/browse/gdk-pixbuf/commit/?id=ffec86ed5010c5a2be14f47b33bcf4ed3169a199
https://security.gentoo.org/glsa/201512-05
https://security.gentoo.org/glsa/201605-06
cvelogic Threat Intelligence