Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-11490

Опубликовано: 26 мая 2018
Источник: ubuntu
Приоритет: low
CVSS2: 6.8
CVSS3: 8.8

Описание

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

5.1.4-2ubuntu0.1
cosmic

ignored

end of life
devel

released

5.1.4-3ubuntu1
disco

released

5.1.4-3ubuntu0.1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/bionic

released

5.1.4-2ubuntu0.1
esm-infra/xenial

released

5.1.4-0.3~16.04.1
precise/esm

DNE

trusty

ignored

end of standard support

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-11490

CVSS3: 3.3
redhat
больше 7 лет назад

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

nvd логотип

CVE-2018-11490

CVSS3: 8.8
nvd
больше 7 лет назад

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

debian логотип

CVE-2018-11490

CVSS3: 8.8
debian
больше 7 лет назад

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...

github логотип

GHSA-5fjm-57qj-h2pj

CVSS3: 8.8
github
больше 3 лет назад

The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.

fstec логотип

BDU:2022-05750

CVSS3: 8.8
fstec
больше 7 лет назад

Уязвимость функции DGifDecompressLine компонента dgif_lib.c библиотеки для работы с GIF файлами GIFLIB, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

6.8 Medium

CVSS2

8.8 High

CVSS3