Описание
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libnsgif | removed | package | ||
| libnsgif | no-dsa | squeeze | package | |
| netsurf | fixed | 3.2+dfsg-3 | package | |
| netsurf | no-dsa | jessie | package | |
| netsurf | no-dsa | wheezy | package |
Примечания
http://source.netsurf-browser.org/libnsgif.git/commit/?id=088fa0819f1aeaf212a95caf7393a38c1640b5f0
EPSS
Связанные уязвимости
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.
The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file.
EPSS