CVE-2021-45910
Description
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.134
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| tool for converting animated GIF images to APNG format (USN-5969-1) gif2apng_1.9+srconly-2ubuntu0.1_i386.deb | Linux |
| tool for converting animated GIF images to APNG format (USN-5969-1) gif2apng_1.9+srconly-2ubuntu0.1_amd64.deb | Linux |
| tool for converting animated GIF images to APNG format (USN-5969-1) gif2apng_1.9+srconly-3ubuntu0.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234