Buffer overflow in Catb Gif2png

CVE-2010-4694

Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long e…

Vulnerability class: Buffer Overflow

EPSS: 0.039 (88.5th percentile) — read the EPSS interpretation.

Affected products

Catb Gif2png — versions 0.99, 1.0.0, 1.1.0
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

GLSA-201203-15 (vendor-advisory, x_refsource_GENTOO)
cve@mitre.org (x_refsource_CONFIRM, Exploit, Patch)
[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem (mailing-list, x_refsource_MLIST)
ADV-2011-0023 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
MDVSA-2011:009 (vendor-advisory, x_refsource_MANDRIVA)
[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem (mailing-list, x_refsource_MLIST)
42796 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch)
cve@mitre.org (x_refsource_CONFIRM, Patch)
gif2png-gif-bo(64754) (vdb-entry, x_refsource_XF)