High severity (8.8) · NVD Advisory · Published May 26, 2018 · Updated Jun 17, 2026
CVE-2018-11490
Description
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
Affected products (16)
- Range: ~3.0.x
- osv-coords, 15 versions:
  - pkg:rpm/opensuse/giflib&distro=openSUSE%20Leap%2015.3 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/opensuse/giflib&distro=openSUSE%20Leap%2015.4 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/opensuse/giflib&distro=openSUSE%20Tumbleweed (no CPE), range: < 5.2.1-2.3
  - pkg:rpm/suse/giflib&distro=SUSE%20Enterprise%20Storage%207 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP2 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 (no CPE), range: < 5.0.5-13.3.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 (no CPE), range: < 5.0.5-13.3.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 (no CPE), range: < 5.2.1-150000.4.8.1
  - pkg:rpm/suse/giflib&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 (no CPE), range: < 5.0.5-13.3.1
References (4)
- www.securityfocus.com/bid/104327 (nvd: Third Party Advisory, VDB Entry)
- github.com/pts/sam2p/issues/38 (nvd: Third Party Advisory)
- lists.debian.org/debian-lts-announce/2022/12/msg00008.html (nvd: Mailing List, Third Party Advisory)
- usn.ubuntu.com/4107-1/ (nvd: Third Party Advisory)