
CVE-2017-6960

Published: 17/03/2017 Updated: 20/01/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable.

Vulnerable Product

apng2gif project apng2gif 1.7

debian debian linux 8.0

canonical ubuntu linux 16.04

Vendor Advisories

Debian Bug report logs - #854447 apng2gif: CVE-2017-6962: Integer overflow resulting in heap overflow write Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif (PTS, buildd, popcon) Reported by: Dileep Kumar Jallepalli <dileepchinu@gmail.com> Da ...
Debian Bug report logs - #854441 apng2gif: CVE-2017-6961: Improper sanitization of user input causing huge memory allocations resulting in crash Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif (PTS, buildd, popcon) Reported by: Dileep Kumar Jallepall ...
Debian Bug report logs - #854367 apng2gif: CVE-2017-6960: Integer overflow resulting in heap buffer overflow Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif (PTS, buildd, popcon) Reported by: Dileep Kumar Jallepalli <dileepchinu@gmail.com> D ...