CVE-2016-3977

Опубликовано: 04 апр. 2016

Источник: redhat

CVSS2: 4.3

EPSS Низкий

Описание

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

Отчет

Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	giflib	Will not fix
Red Hat Enterprise Linux 6	giflib	Will not fix
Red Hat Enterprise Linux 7	giflib	Will not fix
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools	phantomjs	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1325771giflib: heap buffer overflow in gif2rgb

EPSS

Процентиль: 76%

0.00972

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2016-3977

CVSS3: 5.5

ubuntu

почти 10 лет назад

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

CVE-2016-3977

CVSS3: 5.5

nvd

почти 10 лет назад

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

CVE-2016-3977

CVSS3: 5.5

debian

почти 10 лет назад

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1. ...

openSUSE-SU-2016:1219-1

suse-cvrf

почти 10 лет назад

Security update for giflib

SUSE-SU-2016:1140-1

suse-cvrf

почти 10 лет назад

Security update for giflib

EPSS

Процентиль: 76%

0.00972

Низкий

4.3 Medium

CVSS2