gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.
References
Link | Resource |
---|---|
http://optipng.sourceforge.net/history.txt | Vendor Advisory |
http://www.ubuntu.com/usn/USN-2951-1 | |
https://sourceforge.net/p/optipng/bugs/53/ |
Configurations
History
No history.
Information
Published : 2016-04-20 16:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-7802
Mitre link : CVE-2015-7802
CVE.ORG link : CVE-2015-7802
JSON object : View
Products Affected
canonical
- ubuntu_linux
optipng_project
- optipng
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer