CVE-2017-6961

Published: 17/03/2017 Updated: 20/03/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

An issue exists in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amount of memory to allocate.
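
The defensive pattern for this class of bug, shown as an added example (not apng2gif's code and not the upstream fix): a chunk reader that bounds the length field before allocating. The names `read_chunk_checked`, `chunk_t`, `parse_sample`, the 64 MiB `MAX_CHUNK_SIZE` cap and the sample byte arrays are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_CHUNK_SIZE (64u * 1024u * 1024u) /* assumed policy cap, not an apng2gif value */
typedef struct { uint32_t size; unsigned char *data; } chunk_t; /* hypothetical type */
/* Bytes between the current position and end of file, or -1 on error. */
static long bytes_remaining(FILE *f) {
    long cur = ftell(f), end;
    if (cur < 0 || fseek(f, 0, SEEK_END) != 0) return -1;
    end = ftell(f);
    if (end < cur || fseek(f, cur, SEEK_SET) != 0) return -1;
    return end - cur;
}

/* Read one PNG chunk (length, type, data, CRC); 0 on success, -1 if rejected. */
int read_chunk_checked(FILE *f, chunk_t *c) {
    unsigned char hdr[8]; /* 4-byte big-endian length, then 4-byte type */
    c->data = NULL;
    if (fread(hdr, 1, sizeof hdr, f) != sizeof hdr) return -1;
    c->size = ((uint32_t)hdr[0] << 24) | ((uint32_t)hdr[1] << 16) |
              ((uint32_t)hdr[2] << 8) | (uint32_t)hdr[3];
    /* Untrusted length: bound it by policy and by the bytes present (data + CRC). */
    long left = bytes_remaining(f);
    if (c->size > MAX_CHUNK_SIZE || left < 4 || (unsigned long)(left - 4) < c->size)
        return -1;
    if ((c->data = malloc(c->size ? c->size : 1)) == NULL) return -1;
    if (fread(c->data, 1, c->size, f) == c->size && fseek(f, 4, SEEK_CUR) == 0) return 0;
    free(c->data); c->data = NULL;
    return -1;
}

/* Constructed samples (CRC bytes are placeholders; the CRC is not verified here). */
const unsigned char GOOD[] = {0,0,0,2, 't','E','X','t', 'h','i', 0,0,0,0};
const unsigned char OVERSIZED[] = {0x7f,0xff,0xff,0xff, 'I','D','A','T', 1,2,3,4};
const unsigned char TRUNC[] = {0,0,0,16, 'I','D','A','T', 1,2, 0,0,0,0};

int parse_sample(const unsigned char *buf, size_t len) { /* via a temporary file */
    chunk_t c = {0, NULL}; int rc = -2; FILE *f = tmpfile();
    if (f == NULL) return rc;
    if (fwrite(buf, 1, len, f) == len) { rewind(f); rc = read_chunk_checked(f, &c); }
    free(c.data); fclose(f);
    return rc;
}

int main(void) {
    printf("good=%d oversized=%d truncated=%d\n", parse_sample(GOOD, sizeof GOOD),
           parse_sample(OVERSIZED, sizeof OVERSIZED), parse_sample(TRUNC, sizeof TRUNC));
    return 0;
}
```

Checking the declared length against the bytes remaining in the file rejects a small file that claims a large chunk even when the claim is under the cap.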

Vulnerable Product

apng2gif project apng2gif 1.7

Vendor Advisories

Debian Bug report logs - #854447 apng2gif: CVE-2017-6962: Integer overflow resulting in heap overflow write Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif Reported by: Dileep Kumar Jallepalli <dileepchinu@gmail.com> Da ...
Debian Bug report logs - #854441 apng2gif: CVE-2017-6961: Improper sanitization of user input causing huge memory allocations resulting in crash Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif Reported by: Dileep Kumar Jallepall ...
Debian Bug report logs - #854367 apng2gif: CVE-2017-6960: Integer overflow resulting in heap buffer overflow Package: apng2gif; Maintainer for apng2gif is Debian QA Group <packages@qa.debian.org>; Source for apng2gif is src:apng2gif Reported by: Dileep Kumar Jallepalli <dileepchinu@gmail.com> D ...