CVE-2010-4694 (GCVE-0-2010-4694)
Vulnerability from cvelistv5
Published
2011-01-14 17:00
Modified
2024-08-07 03:55
Severity ?
CWE
  • n/a
Summary
Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.
References
cve@mitre.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978 Patch
cve@mitre.org http://bugs.gentoo.org/show_bug.cgi?id=346501 Patch
cve@mitre.org http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup Patch
cve@mitre.org http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log Patch
cve@mitre.org http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html Patch
cve@mitre.org http://openwall.com/lists/oss-security/2010/11/21/1 Exploit, Patch
cve@mitre.org http://openwall.com/lists/oss-security/2010/11/22/1 Exploit, Patch
cve@mitre.org http://openwall.com/lists/oss-security/2010/11/22/12
cve@mitre.org http://openwall.com/lists/oss-security/2010/11/22/3
cve@mitre.org http://secunia.com/advisories/42796 Vendor Advisory
cve@mitre.org http://security.gentoo.org/glsa/glsa-201101-01.xml
cve@mitre.org http://security.gentoo.org/glsa/glsa-201203-15.xml
cve@mitre.org http://www.mandriva.com/security/advisories?name=MDVSA-2011:009
cve@mitre.org http://www.securityfocus.com/bid/45815
cve@mitre.org http://www.vupen.com/english/advisories/2010/3036 Vendor Advisory
cve@mitre.org http://www.vupen.com/english/advisories/2011/0023 Vendor Advisory
cve@mitre.org http://www.vupen.com/english/advisories/2011/0107
cve@mitre.org https://bugzilla.redhat.com/show_bug.cgi?id=547515 Exploit, Patch
cve@mitre.org https://exchange.xforce.ibmcloud.com/vulnerabilities/64754
af854a3a-2127-422b-91ae-364da2661108 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978 Patch
af854a3a-2127-422b-91ae-364da2661108 http://bugs.gentoo.org/show_bug.cgi?id=346501 Patch
af854a3a-2127-422b-91ae-364da2661108 http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD&root=extras&view=markup Patch
af854a3a-2127-422b-91ae-364da2661108 http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras&view=log Patch
af854a3a-2127-422b-91ae-364da2661108 http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html Patch
af854a3a-2127-422b-91ae-364da2661108 http://openwall.com/lists/oss-security/2010/11/21/1 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 http://openwall.com/lists/oss-security/2010/11/22/1 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 http://openwall.com/lists/oss-security/2010/11/22/12
af854a3a-2127-422b-91ae-364da2661108 http://openwall.com/lists/oss-security/2010/11/22/3
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/42796 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-201101-01.xml
af854a3a-2127-422b-91ae-364da2661108 http://security.gentoo.org/glsa/glsa-201203-15.xml
af854a3a-2127-422b-91ae-364da2661108 http://www.mandriva.com/security/advisories?name=MDVSA-2011:009
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/45815
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2010/3036 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2011/0023 Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.vupen.com/english/advisories/2011/0107
af854a3a-2127-422b-91ae-364da2661108 https://bugzilla.redhat.com/show_bug.cgi?id=547515 Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/64754
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:55:34.472Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201203-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201203-15.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547515"
          },
          {
            "name": "[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/11/22/12"
          },
          {
            "name": "ADV-2011-0023",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0023"
          },
          {
            "name": "MDVSA-2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:009"
          },
          {
            "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/11/22/3"
          },
          {
            "name": "42796",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42796"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=346501"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log"
          },
          {
            "name": "gif2png-gif-bo(64754)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64754"
          },
          {
            "name": "ADV-2010-3036",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3036"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup"
          },
          {
            "name": "[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/11/21/1"
          },
          {
            "name": "ADV-2011-0107",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0107"
          },
          {
            "name": "GLSA-201101-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201101-01.xml"
          },
          {
            "name": "45815",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45815"
          },
          {
            "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2010/11/22/1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978"
          },
          {
            "name": "FEDORA-2010-0358",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-01-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "GLSA-201203-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201203-15.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547515"
        },
        {
          "name": "[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/11/22/12"
        },
        {
          "name": "ADV-2011-0023",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0023"
        },
        {
          "name": "MDVSA-2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:009"
        },
        {
          "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/11/22/3"
        },
        {
          "name": "42796",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42796"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=346501"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log"
        },
        {
          "name": "gif2png-gif-bo(64754)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64754"
        },
        {
          "name": "ADV-2010-3036",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3036"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup"
        },
        {
          "name": "[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/11/21/1"
        },
        {
          "name": "ADV-2011-0107",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0107"
        },
        {
          "name": "GLSA-201101-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201101-01.xml"
        },
        {
          "name": "45815",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45815"
        },
        {
          "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2010/11/22/1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978"
        },
        {
          "name": "FEDORA-2010-0358",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4694",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201203-15",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201203-15.xml"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=547515",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=547515"
            },
            {
              "name": "[oss-security] 20101122 Re: CVE Request: gif2png: command-line buffer overflow problem",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/11/22/12"
            },
            {
              "name": "ADV-2011-0023",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0023"
            },
            {
              "name": "MDVSA-2011:009",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:009"
            },
            {
              "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/11/22/3"
            },
            {
              "name": "42796",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42796"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=346501",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=346501"
            },
            {
              "name": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log",
              "refsource": "CONFIRM",
              "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log"
            },
            {
              "name": "gif2png-gif-bo(64754)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64754"
            },
            {
              "name": "ADV-2010-3036",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/3036"
            },
            {
              "name": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup",
              "refsource": "CONFIRM",
              "url": "http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup"
            },
            {
              "name": "[oss-security] 20101121 CVE Request: gif2png: command-line buffer overflow problem",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/11/21/1"
            },
            {
              "name": "ADV-2011-0107",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0107"
            },
            {
              "name": "GLSA-201101-01",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201101-01.xml"
            },
            {
              "name": "45815",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/45815"
            },
            {
              "name": "[oss-security] 20101121 Re: CVE Request: gif2png: command-line buffer overflow problem",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2010/11/22/1"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978"
            },
            {
              "name": "FEDORA-2010-0358",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4694",
    "datePublished": "2011-01-14T17:00:00",
    "dateReserved": "2011-01-14T00:00:00",
    "dateUpdated": "2024-08-07T03:55:34.472Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-4694\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-01-14T18:00:01.497\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.\"},{\"lang\":\"es\",\"value\":\"Un desbordamiento de b\u00fafer en gif2png.c en gif2png v2.5.3 y anteriores puede permitir provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) a atacantes dependientes de contexto o tener un impacto no especificado a trav\u00e9s de un archivo GIF que contiene muchas im\u00e1genes, dando lugar a grandes extensiones como .p100 para archivos PNG, tal y como lo demuestra un programa CGI que lanza gif2png. Se trata de una vulnerabilidad diferente de CVE-2009-5018.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.3\",\"matchCriteriaId\":\"0D90E370-32B8-4D41-BDB1-30D4AA4A7B5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:0.99:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17224395-486D-4D46-80EF-EAF85410310C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8968CF87-4B34-4CE9-8935-8603B9B9B983\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A16C1096-4F7E-42C6-BFC6-60C49EB6AD48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0594402-BA68-4A8E-A6F9-7FFAAB80CCDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA64512E-81A7-41F5-A713-8FD8CC964851\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6755656F-6BFA-415F-AE69-BBFCADAE09E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:1.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7438F8E-B3F1-48E9-B3B3-051788993E84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D58CC27-E3F8-4F54-A9A8-726DB7E51E4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"05A6E63D-CAE0-40C9-87DA-F4CEA893A8B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"370092DB-17FA-48F8-A119-E556EC71B6AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13AB2FA3-F2B4-4A09-B642-BE0992F86075\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CE40391-721D-4712-BB5E-EBF4875BCAC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB360436-4BEC-4885-A2E6-CC612F3B3422\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3E139BE-2165-4C9D-85C7-969813C30276\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78FDD948-A9A2-4555-BBC0-9D97B42BE623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BADA5573-12C4-418F-8658-77AF4A55543F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C0D399F-9317-41CE-9553-1CCD9628D95E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C682B620-2261-43DA-B1A0-51880F8A2F83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB6BB28C-5F69-49C8-8E24-4194C1AE8B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C921E536-3A00-4E07-8DFB-39BAFE00171C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A749323-D178-4C08-92E1-FD37209A6376\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63F79633-9082-41F4-B3CC-A6AFB441C355\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAD17223-6C87-4BFD-9F46-8AF266E1C419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DA45231-8D51-4352-AA11-D074E733ABBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F531DC25-524C-4CB4-BC43-3F7FB4376486\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEF3962D-85E3-452F-A529-BF920047FD03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"156E4540-B53E-4CA9-B103-BD9F99C1915C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7917BF52-11FC-4A91-B4C8-B769D40E47F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19434293-310E-4F92-97F3-7E09338BCE0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"663470DB-638F-4E73-A045-20BAF38DC0CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2A8C80A-906C-4893-8750-5892999553EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9197A7A8-0FC2-43FB-B679-EB6653DAC928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108DD84D-21C0-4C21-8B2F-9034D253D57F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C80ECBF4-91B6-4F26-987D-96EEEB7FEAA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:catb:gif2png:2.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7483924E-DA57-4875-BE41-5CA5E58BE2BA\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=346501\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/21/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/12\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/3\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/42796\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-01.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201203-15.xml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:009\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/45815\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3036\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0023\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0107\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=547515\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64754\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=550978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=346501\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?revision=HEAD\u0026root=extras\u0026view=markup\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://cvs.fedoraproject.org/viewvc/rpms/gif2png/devel/gif2png-overflow.patch?root=extras\u0026view=log\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051229.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/21/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://openwall.com/lists/oss-security/2010/11/22/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/42796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-201101-01.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201203-15.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2011:009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/45815\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/3036\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0023\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2011/0107\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=547515\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64754\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.