Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE request: GIF loader buffer overflow when initializing decompression tables
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 19 Aug 2011 10:25:34 +0200

On Tue, 2 Aug 2011 17:34:28 +0200 Thomas Biege wrote:

The same flaw was previously reported for several other components
that include GIF reading code based on David Koblas' parser, such as:
gd (CVE-2006-4484), SDL_image (CVE-2007-6697), tk (CVE-2008-0553),
netbpm (CVE-2008-0554), cups (CVE-2008-1373).

The similar was spotted in XPCE when reviewing upstream
fix for CVE-2011-2896:

http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c2

-- 
Tomas Hoger / Red Hat Security Response Team


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]