Published: 25/04/2022 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.

Vulnerable Product	Search on Vulmon	Subscribe to Product
giflib project giflib 5.2.1
fedoraproject fedora 35
fedoraproject fedora 36

There is a heap-buffer-overflow in GIFLIB 521 function DumpScreen2RGB() in gif2rgbc:298:45 (CVE-2022-28506) ...

TACE Description Taint Assisted Concolic Execution (TACE) utilizes the concept of taint in symbolic execution to identify all sets of dependent symbols TACE can evaluate a subset of these sets with a significantly reduced testing effort by concretizing some symbols from selected subsets The remaining subsets are explored with symbolic values TACE optimizes symbolic constrain

CWE-787 https://sourceforge.net/p/giflib/bugs/159/https://github.com/verf1sh/Poc/blob/master/asan_report_giflib.png https://github.com/verf1sh/Poc/blob/master/giflib_poc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4CJSHXBD2RS5OJNWSHQZVMTQCCTIPYS/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEAFUZXOOJJVFYRQM6IIJ7LMLEKCCESG/https://nvd.nist.gov https://github.com/tacetool/TACE https://alas.aws.amazon.com/AL2022/ALAS-2022-139.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-28506

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect