Description
Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- openSUSE / opensuse10.3 – 11.1
- optipng_project / optipng0.6.2
- SUSE / linux_enterprise9-11 – 9-11
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/34201
- VENDOR_ADVISORYhttp://secunia.com/advisories/34259
- VENDOR_ADVISORYhttp://secunia.com/advisories/34035
- MISChttp://www.securityfocus.com/bid/33873
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/0510
- MISChttp://optipng.sourceforge.net
- MISChttp://sourceforge.net/tracker/index.php?func=detail&aid=2582013&group_id=151404&atid=780913
- VENDOR_ADVISORYhttp://secunia.com/advisories/35685
- MAILING_LISThttp://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
- MAILING_LISThttp://www.openwall.com/lists/oss-security/2009/02/24/2
- MAILING_LISThttp://www.openwall.com/lists/oss-security/2009/02/25/4
- MISChttp://www.gentoo.org/security/en/glsa/glsa-200903-12.xml
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/48879