CVE-2011-2896
Description
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
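The defect the description names is the decoder trusting a code word before checking that it already exists in the table, so a crafted stream steers the prefix walk into uninitialised entries. The following is an added example, not code from CUPS, GIMP or SWI-Prolog: a minimal GIF-style LZW decode loop that assumes the codes have already been unpacked from the bit stream and a fixed 8-bit root alphabet, and that rejects any code beyond the next free entry while still handling the one legitimate not-yet-in-table case (code equal to the next free entry).

```c
#include <stdint.h>
#include <stddef.h>

/* GIF-style LZW with an 8-bit root alphabet: 256 = clear, 257 = end, table grows from 258 to 4096. */
enum { MAX_CODES = 4096, CLEAR_CODE = 256, END_CODE = 257, FIRST_FREE = 258 };
static int     prefix[MAX_CODES]; /* prefix[c]: code of the string for c minus its last byte */
static uint8_t suffix[MAX_CODES]; /* suffix[c]: last byte of the string for c */

/* First byte of the string for a code already in the table, by walking prefix links to a root. */
static uint8_t first_byte(int code) {
    while (code >= FIRST_FREE) code = prefix[code];
    return (uint8_t)code;
}

/* Append the string for a code already in the table to out; -1 if it would overrun out. */
static int emit(int code, uint8_t *out, size_t out_len, size_t *pos) {
    uint8_t stack[MAX_CODES];
    size_t sp = 0;
    while (code >= FIRST_FREE) { stack[sp++] = suffix[code]; code = prefix[code]; }
    stack[sp++] = (uint8_t)code;
    if (*pos + sp > out_len) return -1;
    while (sp > 0) out[(*pos)++] = stack[--sp];
    return 0;
}

/* Decode already-unpacked codes; returns bytes written, or -1 on a malformed stream. */
int lzw_decode(const int *codes, size_t n, uint8_t *out, size_t out_len) {
    int next = FIRST_FREE, prev = -1;
    size_t pos = 0;
    for (size_t i = 0; i < n; i++) {
        int code = codes[i];
        if (code == CLEAR_CODE) { next = FIRST_FREE; prev = -1; continue; }
        if (code == END_CODE) break;
        /* The check the affected decoders lacked: a code must already be in the table or be exactly
           the next free entry (the KwKwK case); anything beyond that is corrupt input, so reject it. */
        if (code < 0 || code > next || code >= MAX_CODES) return -1;
        if (code == next) {          /* not in the table yet: prev's string + prev's first byte */
            if (prev < 0) return -1; /* nothing to build it from: reject instead of looping */
            if (emit(prev, out, out_len, &pos) < 0 || pos >= out_len) return -1;
            out[pos++] = first_byte(prev);
        } else if (emit(code, out, out_len, &pos) < 0) return -1;
        if (prev >= 0 && next < MAX_CODES) { /* new entry: prev's string + first byte of current */
            prefix[next] = prev;
            suffix[next] = first_byte(code == next ? prev : code);
            next++;
        }
        prev = code;
    }
    return (int)pos;
}
```

The output-length checks in emit are the second half of the fix: a valid stream can still expand to more bytes than the caller's image buffer, which is the heap overflow path.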
Affected products (3)
Patches (0)
No patches discovered yet.
References (32)
- cups.org/str.php (nvd: Patch, Third Party Advisory)
- git.gnome.org/browse/gimp/commit/ (nvd: Patch, Vendor Advisory)
- www.openwall.com/lists/oss-security/2011/08/10/10 (nvd: Mailing List, Patch, Third Party Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking, Patch, Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html (nvd: Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html (nvd: Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html (nvd: Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html (nvd: Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html (nvd: Third Party Advisory)
- lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html (nvd: Third Party Advisory)
- rhn.redhat.com/errata/RHSA-2012-1180.html (nvd: Third Party Advisory)
- rhn.redhat.com/errata/RHSA-2012-1181.html (nvd: Third Party Advisory)
- security.gentoo.org/glsa/glsa-201209-23.xml (nvd: Third Party Advisory)
- www.debian.org/security/2011/dsa-2354 (nvd: Third Party Advisory)
- www.debian.org/security/2012/dsa-2426 (nvd: Third Party Advisory)
- www.securityfocus.com/bid/49148 (nvd: Broken Link, Third Party Advisory, VDB Entry)
- www.securitytracker.com/id (nvd: Broken Link, Third Party Advisory, VDB Entry)
- www.swi-prolog.org/bugzilla/show_bug.cgi (nvd: Issue Tracking, Third Party Advisory)
- www.ubuntu.com/usn/USN-1207-1 (nvd: Third Party Advisory)
- www.ubuntu.com/usn/USN-1214-1 (nvd: Third Party Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking, Third Party Advisory)
- secunia.com/advisories/45621 (nvd: Broken Link)
- secunia.com/advisories/45900 (nvd: Broken Link)
- secunia.com/advisories/45945 (nvd: Broken Link)
- secunia.com/advisories/45948 (nvd: Broken Link)
- secunia.com/advisories/46024 (nvd: Broken Link)
- secunia.com/advisories/48236 (nvd: Broken Link)
- secunia.com/advisories/48308 (nvd: Broken Link)
- secunia.com/advisories/50737 (nvd: Broken Link)
- www.mandriva.com/security/advisories (nvd: Broken Link)
- www.mandriva.com/security/advisories (nvd: Broken Link)
- www.redhat.com/support/errata/RHSA-2011-1635.html (nvd: Broken Link)