CVE-2017-6961

{"id": "CVE-2017-6961", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2017-03-17T09:59:00.287", "references": [{"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854441", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amount of memory to allocate."}, {"lang": "es", "value": "Se ha descubierto un problema en apng2gif 1.7. Hay una desinfecci\u00f3n inadecuada de la entrada del usuario provocando enormes asignaciones de memoria, lo que resulta en una ca\u00edda. Esto est\u00e1 relacionado con la funci\u00f3n read_chunk usando el valor pChunk->size (dentro del archivo PNG) para determinar la cantidad de memoria que se va a asignar."}], "lastModified": "2017-03-20T16:58:37.873", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apng2gif_project:apng2gif:1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8455AA84-D1FF-46AD-BDE3-AA42E6C13626"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}