CVE-2018-11490
26.05.2018, 18:29
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| giflib_project | giflib | 3.0 ≤ 𝑥 ≤ 3.1.1 |
| sam2p_project | sam2p | 0.49.4 |
| debian | debian_linux | 10.0 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 19.04 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| giflib-devel |
| ||||||||||||||||||||||||||||||||||||||
| giflib-progs |
| ||||||||||||||||||||||||||||||||||||||
| libgif6 |
| ||||||||||||||||||||||||||||||||||||||
| libgif6-32bit |
| ||||||||||||||||||||||||||||||||||||||
| libgif7 |
|
References