Описание
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 0.6.2.1-1 |
| gutsy | ignored | end of life, was needed |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needed |
| jaunty | not-affected | 0.6.2.1-1 |
| karmic | not-affected | 0.6.2.1-1 |
| lucid | not-affected | 0.6.2.1-1 |
| maverick | not-affected | 0.6.2.1-1 |
| natty | not-affected | 0.6.2.1-1 |
Показывать по
Ссылки на источники
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
Use-after-free vulnerability in the GIFReadNextExtension function in l ...
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3