A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421.
References
Link | Resource |
---|---|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878739 | Mailing List Third Party Advisory |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881120 | Mailing List Third Party Advisory |
https://github.com/kohler/gifsicle/commit/118a46090c50829dc543179019e6140e1235f909 | Patch Third Party Advisory |
https://github.com/kohler/gifsicle/issues/117 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-02T09:00:00
Updated: 2018-02-02T08:57:01
Reserved: 2018-02-01T00:00:00
Link: CVE-2017-18120
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-02-02T09:29:00.227
Modified: 2023-10-24T16:06:23.780
Link: CVE-2017-18120
JSON object: View
Redhat Information
No data.
CWE