{"id":"CVE-2017-12447","details":"GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.","modified":"2026-05-19T01:50:11.827698Z","published":"2019-03-07T23:29:00.377Z","references":[{"type":"WEB","url":"https://usn.ubuntu.com/3912-1/"},{"type":"REPORT","url":"https://bugzilla.gnome.org/show_bug.cgi?id=785979"},{"type":"EVIDENCE","url":"https://github.com/hackerlib/hackerlib-vul/tree/master/gnome"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/gdk-pixbuf","events":[{"introduced":"0"},{"last_affected":"abf10aad3163fb188ab2b9d004c502f7a082d96b"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:gdk-pixbuf:2.32.2:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.32.2"}]}}],"versions":["2.32.2","2.32.1","2.32.0","2.31.7","2.31.6","2.31.5","2.31.4","2.31.3","2.31.2","2.31.1","2.31.0","2.30.8","2.30.7","2.30.6","2.30.5","2.30.4","2.30.3","2.30.2","2.30.1","2.30.0","2.29.3","2.29.2","2.29.1","2.29.0","2.28.0","2.27.3","2.27.2","2.27.1","2.27.0","2.26.5","2.26.4","2.26.3","2.26.2","2.26.1","2.26.0","2.25.2","2.25.0","2.24.0","2.23.5","2.23.4","2.23.3","2.23.2","2.23.1","2.23.0","2.22.1","2.22.0","2.21.7","2.21.6","2.21.4","2.21.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12447.json"}},{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/nautilus","events":[{"introduced":"0"},{"last_affected":"7b11798a67270471ac2fe39690a36b881d9f33f9"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:nautilus:3.14.3:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.14.3"}]}}],"versions":["3.14.3","3.14.2","3.14.1","3.14.0","3.13.92","3.13.91","3.13.90","3.13.2","3.13.1","3.12.0","3.11.92","3.11.90","3.11.3","3.11.2","3.10.0","3.9.92","3.9.91","3.9.90","3.9.3","3.6.0","3.5.92","3.5.91","3.5.90","3.5.5","3.5.4","3.5.3","3.5.2","3.5.1","3.4.0","3.3.92","3.3.91","3.3.90","3.3.5","3.3.4","3.3.3","3.3.1.1","3.2.0","3.1.92","3.1.90","3.1.4","3.1.3","3.1.2","3.1.1","3.0.0","2.91.94","2.91.93","2.91.92","2.91.91","2.91.90.1","2.91.90","2.91.9","2.91.8","2.91.7","2.91.6","2.91.5","2.91.4","2.91.3","2.91.2","2.91.1","2.91.0.1","2.91.0","2.90.1","2.31.5","2.31.4","2.31.3","2.31.2","2.31.1","2.30.1","2.30.0","2.29.92.1","2.29.92","2.29.91","2.29.90","2.29.2","2.29.1","2.28.0","2.27.92","2.27.91","2.27.4","2.27.2","NAUTILUS_2_27_1","NAUTILUS_2_26_2","NAUTILUS_2_26_1","NAUTILUS_2_26_0","NAUTILUS_2_25_93","NAUTILUS_2_25_92","NAUTILUS_2_25_91","NAUTILUS_2_25_4","NAUTILUS_2_25_3","NAUTILUS_2_25_2","NAUTILUS_2_25_1","NAUTILUS_2_24_0","NAUTILUS_2_23_92","NAUTILUS_2_23_91","NAUTILUS_2_23_90","NAUTILUS_2_23_6_1","NAUTILUS_2_23_6","NAUTILUS_2_23_5_1","NAUTILUS_2_23_5","NAUTILUS_2_23_4","NAUTILUS_2_23_3","NAUTILUS_2_23_2","NAUTILUS_2_22_1","NAUTILUS_2_22_0","NAUTILUS_2_21_92","NAUTILUS_2_21_91","NAUTILUS_2_21_90","NAUTILUS_2_21_6","NAUTILUS_2_21_5","NAUTILUS_2_21_2","NAUTILUS_2_20_0","NAUTILUS_2_19_91","NAUTILUS_2_19_90","NAUTILUS_2_19_6","NAUTILUS_2_19_5","NAUTILUS_2_19_4","NAUTILUS_2_19_3","NAUTILUS_2_19_2","NAUTILUS_2_18_0_1","NAUTILUS_2_18_0","NAUTILUS_2_17_92","NAUTILUS_2_17_91","NAUTILUS_2_17_1","GNOME_2_16_BRANCHPOINT","NAUTILUS_2_16_3","NAUTILUS_2_16_2","NAUTILUS_2_16_1","NAUTILUS_2_16_0","NAUTILUS_2_15_92_1","NAUTILUS_2_15_92","NAUTILUS_2_15_91","NAUTILUS_2_15_90","NAUTILUS_2_15_4","NAUTILUS_2_15_2","NAUTILUS_2_15_1","GNOME_2_14_BRANCHPOINT","NAUTILUS_2_14_1","NAUTILUS_2_14_0","NAUTILUS_2_13_92","NAUTILUS_2_13_91","NAUTILUS_2_13_90","NAUTILUS_2_13_4","NAUTILUS_2_13_3","NAUTILUS_SEARCH2_MERGE_ANCHOR2","NAUTILUS_SEARCH2_MERGE_ANCHOR1","NAUTILUS_2_13_2","NAUTILUS_2_13_1","GNOME_2_12_BRANCHPOINT","NAUTILUS_2_12_1","NAUTILUS_SEARCH_BRANCH_ANCHOR","NAUTILUS_2_12_0","NAUTILUS_2_11_92","NAUTILUS_2_11_91","NAUTILUS_2_11_90","NAUTILUS_2_11_4","NAUTILUS_2_11_3","NAUTILUS_2_11_2","NAUTILUS_2_11_1","GNOME_2_10_BRANCHPOINT","NAUTILUS_2_10_0","NAUTILUS_2_9_92","NAUTILUS_2_9_91","NAUTILUS_2_9_90","NAUTILUS_2_9_2","NAUTILUS_2_9_1","BONOBO_SLAY_BRANCHPOINT","NAUTILUS_2_8_2","NAUTILUS_2_8_1","NAUTILUS_2_8_0","NAUTILUS_2_7_92","NAUTILUS_2_7_4","NAUTILUS_2_7_2","NAUTILUS_NEW_MIME_BRANCHPOINT","NAUTILUS_2_6_BRANCHPOINT","GNOME_2_6_BRANCHPOINT","NAUTILUS_2_6_2","NAUTILUS_2_6_1","NAUTILUS_2_6_0","NAUTILUS_2_5_91","NAUTILUS_2_5_90","NAUTILUS_2_5_8","NAUTILUS_2_5_7","NAUTILUS_2_5_6","NAUTILUS_2_5_5","NAUTILUS_EXTENSIONS_MERGEPOINT_1","NAUTILUS_2_5_3","NAUTILUS_2_5_2","NAUTILUS_EXTENSIONS_BRANCHPOINT","NAUTILUS_2_5_1_1","NAUTILUS_2_5_1","NAUTILUS_2_5_0","NAUTILUS_SPATIAL_PLAYGROUND_BRANCHPOINT","GNOME_2_4_BRANCHPOINT","NAUTILUS_2_4_0","NAUTILUS_2_3_90","NAUTILUS_2_3_9","NAUTILUS_2_3_8","NAUTILUS_2_3_7","NAUTILUS_2_3_6","NAUTILUS_2_3_5","NAUTILUS_2_3_4","NAUTILUS_2_3_3","NAUTILUS_2_3_2","NAUTILUS_2_3_1","GNOME_2_2_BRANCHPOINT","NAUTILUS_2_2_3","NAUTILUS_2_2_2","NAUTILUS_2_2_1","NAUTILUS_2_2_0_2","NAUTILUS_2_2_0_1","NAUTILUS_2_2_0","NAUTILUS_2_1_91","NAUTILUS_2_1_6","NAUTILUS_2_1_5","NAUTILUS_2_1_3","NAUTILUS_2_1_2","NAUTILUS_2_1_1","NAUTILUS_2_1_0","NEW_SIDE_PANE_BRANCHPOINT","NEW_ICON_FACTORY_BRANCHPOINT","GNOME_2_0_BRANCHPOINT","NAUTILUS_2_0_6","XIMIAN_SMB_ANCHOR","NAUTILUS_2_0_4","NAUTILUS_2_0_3","NAUTILUS_2_0_2","NAUTILUS_2_0_1","MULTIHEAD_BRANCHPOINT","NAUTILUS_1_1_19","NAUTILUS_1_1_18","NAUTILUS_1_1_17","NAUTILUS_1_1_16","NAUTILUS_1_1_15","NAUTILUS_1_1_14","NAUTILUS_1_1_13","NAUTILUS_1_1_12","XIMIAN_SUN_DELIVERY_1_MERGE","NAUTILUS_1_1_11","NAUTILUS_1_1_10","NAUTILUS_1_1_9","NAUTILUS_1_1_8","NAUTILUS_1_1_6","NAUTILUS_1_1_5","NAUTILUS_1_1_4","NAUTILUS_1_1_3","NAUTILUS_1_1_2","NAUTILUS_1_1_1","NAUTILUS_BEFORE_REMOVING_HELP_COMPONENT","NAUTILUS_1_0_5","REDHAT_MERGE_BRANCHPOINT","REDHAT_OUTSTANDING_PATCHES_BRANCHPOINT","NAUTILUS_1_0_4","NAUTILUS_1_0_3","before-trilobite-move","NAUTILUS_1_ANCHOR","NAUTILUS_0_8_2","NAUTILUS_PR3_ANCHOR","INSTALLER_PR3_ANCHOR","RAK_SOUNDVIEW_ANCHOR","NAUTILUS_PR2_ANCHOR","NAUTILUS_UIH_MERGE_BASE","NAUTILUS-NEW-UIH-BRANCH_ANCHOR","EAZEL-NAUTILUS-MS-AUG07","EAZEL_NAUTILUS_DEMO_2_ANCHOR","pre-mjs-demo-bugfixes","EAZEL_DEMO_1_ANCHOR","EAZEL-NAUTILUS-MS-JUL12","EAZEL-NAUTILUS-MS-JULY_5","nautilus_ms_may_31","mjs_pre_great_renaming","V0_0","POST_1_0_MERGE","GNOME_CORE_1_1_0","INITIAL","PRE_1_0_MERGE","GNOME_CORE_1_0_ANCHOR","GNOME_CORE_1_0_9","GNOME_CORE_1_0_8","GNOME_CORE_1_0_7","GNOME_CORE_1_0_6","GNOME_CORE_1_0_5","GNOME_CORE_1_0_4","GGV_0_61","GNOME_CORE_1_0_3","GNOME_CORE_1_0_1","GNOME_CORE_1_0_0_1","GNOME_0_99_8_1","GNOME_0_99_8","GNOME_0_99_7","GNOME_0_99_3","GNOME_0_99_2","PRE_PANEL2","GNOME_STABLE_ANCHOR","FOR_GNOME_0_99_1","PANTING_CHIMPANZEE","GNOME_0_30","GNOME_0_28_MARTIN","GNOME_0_27","GNOME_0_25","GNOME_0_20a","GNOME_0_20","DROOLING_MACAQUE"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12447.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/gdk-pixbuf","events":[{"introduced":"0"},{"last_affected":"abf10aad3163fb188ab2b9d004c502f7a082d96b"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:gdk-pixbuf:2.32.2:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2.32.2"}]}}],"versions":["2.32.2","2.32.1","2.32.0","2.31.7","2.31.6","2.31.5","2.31.4","2.31.3","2.31.2","2.31.1","2.31.0","2.30.8","2.30.7","2.30.6","2.30.5","2.30.4","2.30.3","2.30.2","2.30.1","2.30.0","2.29.3","2.29.2","2.29.1","2.29.0","2.28.0","2.27.3","2.27.2","2.27.1","2.27.0","2.26.5","2.26.4","2.26.3","2.26.2","2.26.1","2.26.0","2.25.2","2.25.0","2.24.0","2.23.5","2.23.4","2.23.3","2.23.2","2.23.1","2.23.0","2.22.1","2.22.0","2.21.7","2.21.6","2.21.4","2.21.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12447.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/nautilus","events":[{"introduced":"0"},{"last_affected":"7b11798a67270471ac2fe39690a36b881d9f33f9"}],"database_specific":{"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:nautilus:3.14.3:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"3.14.3"}]}}],"versions":["3.14.3","3.14.2","3.14.1","3.14.0","3.13.92","3.13.91","3.13.90","3.13.2","3.13.1","3.12.0","3.11.92","3.11.90","3.11.3","3.11.2","3.10.0","3.9.92","3.9.91","3.9.90","3.9.3","3.6.0","3.5.92","3.5.91","3.5.90","3.5.5","3.5.4","3.5.3","3.5.2","3.5.1","3.4.0","3.3.92","3.3.91","3.3.90","3.3.5","3.3.4","3.3.3","3.3.1.1","3.2.0","3.1.92","3.1.90","3.1.4","3.1.3","3.1.2","3.1.1","3.0.0","2.91.94","2.91.93","2.91.92","2.91.91","2.91.90.1","2.91.90","2.91.9","2.91.8","2.91.7","2.91.6","2.91.5","2.91.4","2.91.3","2.91.2","2.91.1","2.91.0.1","2.91.0","2.90.1","2.31.5","2.31.4","2.31.3","2.31.2","2.31.1","2.30.1","2.30.0","2.29.92.1","2.29.92","2.29.91","2.29.90","2.29.2","2.29.1","2.28.0","2.27.92","2.27.91","2.27.4","2.27.2","NAUTILUS_2_27_1","NAUTILUS_2_26_2","NAUTILUS_2_26_1","NAUTILUS_2_26_0","NAUTILUS_2_25_93","NAUTILUS_2_25_92","NAUTILUS_2_25_91","NAUTILUS_2_25_4","NAUTILUS_2_25_3","NAUTILUS_2_25_2","NAUTILUS_2_25_1","NAUTILUS_2_24_0","NAUTILUS_2_23_92","NAUTILUS_2_23_91","NAUTILUS_2_23_90","NAUTILUS_2_23_6_1","NAUTILUS_2_23_6","NAUTILUS_2_23_5_1","NAUTILUS_2_23_5","NAUTILUS_2_23_4","NAUTILUS_2_23_3","NAUTILUS_2_23_2","NAUTILUS_2_22_1","NAUTILUS_2_22_0","NAUTILUS_2_21_92","NAUTILUS_2_21_91","NAUTILUS_2_21_90","NAUTILUS_2_21_6","NAUTILUS_2_21_5","NAUTILUS_2_21_2","NAUTILUS_2_20_0","NAUTILUS_2_19_91","NAUTILUS_2_19_90","NAUTILUS_2_19_6","NAUTILUS_2_19_5","NAUTILUS_2_19_4","NAUTILUS_2_19_3","NAUTILUS_2_19_2","NAUTILUS_2_18_0_1","NAUTILUS_2_18_0","NAUTILUS_2_17_92","NAUTILUS_2_17_91","NAUTILUS_2_17_1","GNOME_2_16_BRANCHPOINT","NAUTILUS_2_16_3","NAUTILUS_2_16_2","NAUTILUS_2_16_1","NAUTILUS_2_16_0","NAUTILUS_2_15_92_1","NAUTILUS_2_15_92","NAUTILUS_2_15_91","NAUTILUS_2_15_90","NAUTILUS_2_15_4","NAUTILUS_2_15_2","NAUTILUS_2_15_1","GNOME_2_14_BRANCHPOINT","NAUTILUS_2_14_1","NAUTILUS_2_14_0","NAUTILUS_2_13_92","NAUTILUS_2_13_91","NAUTILUS_2_13_90","NAUTILUS_2_13_4","NAUTILUS_2_13_3","NAUTILUS_SEARCH2_MERGE_ANCHOR2","NAUTILUS_SEARCH2_MERGE_ANCHOR1","NAUTILUS_2_13_2","NAUTILUS_2_13_1","GNOME_2_12_BRANCHPOINT","NAUTILUS_2_12_1","NAUTILUS_SEARCH_BRANCH_ANCHOR","NAUTILUS_2_12_0","NAUTILUS_2_11_92","NAUTILUS_2_11_91","NAUTILUS_2_11_90","NAUTILUS_2_11_4","NAUTILUS_2_11_3","NAUTILUS_2_11_2","NAUTILUS_2_11_1","GNOME_2_10_BRANCHPOINT","NAUTILUS_2_10_0","NAUTILUS_2_9_92","NAUTILUS_2_9_91","NAUTILUS_2_9_90","NAUTILUS_2_9_2","NAUTILUS_2_9_1","BONOBO_SLAY_BRANCHPOINT","NAUTILUS_2_8_2","NAUTILUS_2_8_1","NAUTILUS_2_8_0","NAUTILUS_2_7_92","NAUTILUS_2_7_4","NAUTILUS_2_7_2","NAUTILUS_NEW_MIME_BRANCHPOINT","NAUTILUS_2_6_BRANCHPOINT","GNOME_2_6_BRANCHPOINT","NAUTILUS_2_6_2","NAUTILUS_2_6_1","NAUTILUS_2_6_0","NAUTILUS_2_5_91","NAUTILUS_2_5_90","NAUTILUS_2_5_8","NAUTILUS_2_5_7","NAUTILUS_2_5_6","NAUTILUS_2_5_5","NAUTILUS_EXTENSIONS_MERGEPOINT_1","NAUTILUS_2_5_3","NAUTILUS_2_5_2","NAUTILUS_EXTENSIONS_BRANCHPOINT","NAUTILUS_2_5_1_1","NAUTILUS_2_5_1","NAUTILUS_2_5_0","NAUTILUS_SPATIAL_PLAYGROUND_BRANCHPOINT","GNOME_2_4_BRANCHPOINT","NAUTILUS_2_4_0","NAUTILUS_2_3_90","NAUTILUS_2_3_9","NAUTILUS_2_3_8","NAUTILUS_2_3_7","NAUTILUS_2_3_6","NAUTILUS_2_3_5","NAUTILUS_2_3_4","NAUTILUS_2_3_3","NAUTILUS_2_3_2","NAUTILUS_2_3_1","GNOME_2_2_BRANCHPOINT","NAUTILUS_2_2_3","NAUTILUS_2_2_2","NAUTILUS_2_2_1","NAUTILUS_2_2_0_2","NAUTILUS_2_2_0_1","NAUTILUS_2_2_0","NAUTILUS_2_1_91","NAUTILUS_2_1_6","NAUTILUS_2_1_5","NAUTILUS_2_1_3","NAUTILUS_2_1_2","NAUTILUS_2_1_1","NAUTILUS_2_1_0","NEW_SIDE_PANE_BRANCHPOINT","NEW_ICON_FACTORY_BRANCHPOINT","GNOME_2_0_BRANCHPOINT","NAUTILUS_2_0_6","XIMIAN_SMB_ANCHOR","NAUTILUS_2_0_4","NAUTILUS_2_0_3","NAUTILUS_2_0_2","NAUTILUS_2_0_1","MULTIHEAD_BRANCHPOINT","NAUTILUS_1_1_19","NAUTILUS_1_1_18","NAUTILUS_1_1_17","NAUTILUS_1_1_16","NAUTILUS_1_1_15","NAUTILUS_1_1_14","NAUTILUS_1_1_13","NAUTILUS_1_1_12","XIMIAN_SUN_DELIVERY_1_MERGE","NAUTILUS_1_1_11","NAUTILUS_1_1_10","NAUTILUS_1_1_9","NAUTILUS_1_1_8","NAUTILUS_1_1_6","NAUTILUS_1_1_5","NAUTILUS_1_1_4","NAUTILUS_1_1_3","NAUTILUS_1_1_2","NAUTILUS_1_1_1","NAUTILUS_BEFORE_REMOVING_HELP_COMPONENT","NAUTILUS_1_0_5","REDHAT_MERGE_BRANCHPOINT","REDHAT_OUTSTANDING_PATCHES_BRANCHPOINT","NAUTILUS_1_0_4","NAUTILUS_1_0_3","before-trilobite-move","NAUTILUS_1_ANCHOR","NAUTILUS_0_8_2","NAUTILUS_PR3_ANCHOR","INSTALLER_PR3_ANCHOR","RAK_SOUNDVIEW_ANCHOR","NAUTILUS_PR2_ANCHOR","NAUTILUS_UIH_MERGE_BASE","NAUTILUS-NEW-UIH-BRANCH_ANCHOR","EAZEL-NAUTILUS-MS-AUG07","EAZEL_NAUTILUS_DEMO_2_ANCHOR","pre-mjs-demo-bugfixes","EAZEL_DEMO_1_ANCHOR","EAZEL-NAUTILUS-MS-JUL12","EAZEL-NAUTILUS-MS-JULY_5","nautilus_ms_may_31","mjs_pre_great_renaming","V0_0","POST_1_0_MERGE","GNOME_CORE_1_1_0","INITIAL","PRE_1_0_MERGE","GNOME_CORE_1_0_ANCHOR","GNOME_CORE_1_0_9","GNOME_CORE_1_0_8","GNOME_CORE_1_0_7","GNOME_CORE_1_0_6","GNOME_CORE_1_0_5","GNOME_CORE_1_0_4","GGV_0_61","GNOME_CORE_1_0_3","GNOME_CORE_1_0_1","GNOME_CORE_1_0_0_1","GNOME_0_99_8_1","GNOME_0_99_8","GNOME_0_99_7","GNOME_0_99_3","GNOME_0_99_2","PRE_PANEL2","GNOME_STABLE_ANCHOR","FOR_GNOME_0_99_1","PANTING_CHIMPANZEE","GNOME_0_30","GNOME_0_28_MARTIN","GNOME_0_27","GNOME_0_25","GNOME_0_20a","GNOME_0_20","DROOLING_MACAQUE"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12447.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}