RSS   Vulnerabilities for 'Giflib'   RSS

2021-04-21
 
CVE-2020-23922

CWE-125
 
 
An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read.

 
2019-08-17
 
CVE-2019-15133

CWE-369
 
 
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.

 
2018-05-26
 
CVE-2018-11490

CWE-119
 
 
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

 
 
CVE-2018-11489

CWE-119
 
 
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

 
2017-01-23
 
CVE-2016-3177

 
 
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.

 
2016-04-21
 
CVE-2016-3977

CWE-119
 
 
Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

 
2016-04-13
 
CVE-2015-7555

CWE-119
 
 
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.

 

Copyright 2024, cxsecurity.com

 

Back to Top