CVE-2023-43907

Published: 01/10/2023 Updated: 14/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

OptiPNG v0.7.7 contains a global buffer overflow via the 'buffer' variable at gifread.c.

Vulnerable Product

optipng project optipng 0.7.7

Vendor Advisories

Debian Bug report logs - #1055668: optipng: CVE-2023-43907. Package: src:optipng; Maintainer for src:optipng is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 9 Nov 2023 20:09:01 UTC; Severity: important; Tags: fixed-upstream ...

Description: A flaw was found in OptiPNG. A global buffer overflow via the 'buffer' variable at gifread.c was found in how OptiPNG handles GIF file processing. This flaw could be used to crash the OptiPNG program by tricking it into processing crafted GIF files.