ID CVE-2005-3350
Summary libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
References
Vulnerable Configurations
  • cpe:2.3:a:libungif:libungif:4.1
    cpe:2.3:a:libungif:libungif:4.1
  • cpe:2.3:a:libungif:libungif:4.1.3
    cpe:2.3:a:libungif:libungif:4.1.3
CVSS
Base: 7.5 (as of 03-11-2005 - 20:07)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-207.NASL
    description Several bugs have been discovered in the way libungif decodes GIF images. These allow an attacker to create a carefully crafted GIF image file in such a way that it could cause applications linked with libungif to crash or execute arbitrary code when the file is opened by the user. The updated packages have been patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20441
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20441
    title Mandrake Linux Security Advisory : libungif (MDKSA-2005:207)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200511-03.NASL
    description The remote host is affected by the vulnerability described in GLSA-200511-03 (giflib: Multiple vulnerabilities) Chris Evans and Daniel Eisenbud independently discovered two out-of-bounds memory write operations and a NULL pointer dereference in giflib. Impact : An attacker could craft a malicious GIF image and entice users to load it using an application making use of the giflib library, resulting in an application crash or potentially the execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 20153
    published 2005-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20153
    title GLSA-200511-03 : giflib: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-4848.NASL
    description - Update to 4.1.6 containing several upstream fixes etc. - Solved multilib problems with documentation (#465208, #474538) - Removed static library from giflib-devel package (#225796 #c1) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 39453
    published 2009-06-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39453
    title Fedora 10 : giflib-4.1.6-2.fc10 (2009-4848)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2009-0444.NASL
    description Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared library of functions for loading and saving GIF image files. This library is API and ABI compatible with libungif, the library that supported uncompressed GIF image files while the Unisys LZW patent was in effect. Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) All users of giflib are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications using giflib must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 37605
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37605
    title RHEL 5 : giflib (RHSA-2009:0444)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20090422_GIFLIB_ON_SL5_X.NASL
    description Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) All running applications using giflib must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60574
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60574
    title Scientific Linux Security Update : giflib on SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2009-0444.NASL
    description Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared library of functions for loading and saving GIF image files. This library is API and ABI compatible with libungif, the library that supported uncompressed GIF image files while the Unisys LZW patent was in effect. Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) All users of giflib are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications using giflib must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43744
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43744
    title CentOS 5 : giflib (CESA-2009:0444)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2009-0444.NASL
    description From Red Hat Security Advisory 2009:0444 : Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared library of functions for loading and saving GIF image files. This library is API and ABI compatible with libungif, the library that supported uncompressed GIF image files while the Unisys LZW patent was in effect. Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) All users of giflib are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. All running applications using giflib must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2015-12-01
    plugin id 67849
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67849
    title Oracle Linux 5 : giflib (ELSA-2009-0444)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-214-1.NASL
    description Chris Evans discovered several buffer overflows in the libungif library. By tricking an user (or automated system) into processing a specially crafted GIF image, this could be exploited to execute arbitrary code with the privileges of the application using libungif. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20632
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20632
    title Ubuntu 4.10 / 5.04 / 5.10 : libungif4 vulnerabilities (USN-214-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-890.NASL
    description Chris Evans discovered several security related problems in libungif4, a shared library for GIF images. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2005-2974 NULL pointer dereference, that could cause a denial of service. - CVE-2005-3350 Out of bounds memory access that could cause a denial of service or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-08-09
    plugin id 22756
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22756
    title Debian DSA-890-1 : libungif4 - several vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2005-828.NASL
    description Updated libungif packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The libungif package contains a shared library of functions for loading and saving GIF format image files. Several bugs in the way libungif decodes GIF images were discovered. An attacker could create a carefully crafted GIF image file in such a way that it could cause an application linked with libungif to crash or execute arbitrary code when the file is opened by a victim. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-2974 and CVE-2005-3350 to these issues. All users of libungif are advised to upgrade to these updated packages, which contain backported patches that resolve these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21869
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21869
    title CentOS 3 / 4 : libungif (CESA-2005:828)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-828.NASL
    description Updated libungif packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The libungif package contains a shared library of functions for loading and saving GIF format image files. Several bugs in the way libungif decodes GIF images were discovered. An attacker could create a carefully crafted GIF image file in such a way that it could cause an application linked with libungif to crash or execute arbitrary code when the file is opened by a victim. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-2974 and CVE-2005-3350 to these issues. All users of libungif are advised to upgrade to these updated packages, which contain backported patches that resolve these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 20145
    published 2005-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20145
    title RHEL 2.1 / 3 / 4 : libungif (RHSA-2005:828)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_10556.NASL
    description This update fixes the following security issues : - specially crafted GIF files could crash applications. (CVE-2005-2974) - specially crafted GIF files could overwrite memory which potentially allowed to execute arbitrary code. (CVE-2005-3350)
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 41083
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41083
    title SuSE9 Security Update : libungif (YOU Patch Number 10556)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-5118.NASL
    description - CVE-2005-2974: NULL pointer dereference crash (#494826) - CVE-2005-3350: Memory corruption via a crafted GIF (#494823) - Solved multilib problems with documentation (#465208, #474538) - Removed static library from giflib-devel package (#225796 #c1) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-21
    plugin id 38812
    published 2009-05-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38812
    title Fedora 9 : giflib-4.1.3-10.fc9 (2009-5118)
oval via4
accepted 2013-04-29T04:18:45.468-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
family unix
id oval:org.mitre.oval:def:9314
status accepted
submitted 2010-07-09T03:56:16-04:00
title libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
version 24
redhat via4
advisories
  • bugzilla
    id 494826
    title CVE-2005-2974 giflib/libunfig: NULL pointer dereference crash
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhsa:tst:20070055001
    • OR
      • AND
        • comment giflib is earlier than 0:4.1.3-7.1.el5_3.1
          oval oval:com.redhat.rhsa:tst:20090444002
        • comment giflib is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20090444003
      • AND
        • comment giflib-devel is earlier than 0:4.1.3-7.1.el5_3.1
          oval oval:com.redhat.rhsa:tst:20090444006
        • comment giflib-devel is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20090444007
      • AND
        • comment giflib-utils is earlier than 0:4.1.3-7.1.el5_3.1
          oval oval:com.redhat.rhsa:tst:20090444004
        • comment giflib-utils is signed with Red Hat redhatrelease key
          oval oval:com.redhat.rhsa:tst:20090444005
    rhsa
    id RHSA-2009:0444
    released 2009-04-22
    severity Important
    title RHSA-2009:0444: giflib security update (Important)
  • rhsa
    id RHSA-2005:828
rpms
  • giflib-0:4.1.3-7.1.el5_3.1
  • giflib-devel-0:4.1.3-7.1.el5_3.1
  • giflib-utils-0:4.1.3-7.1.el5_3.1
refmap via4
bid 15299
confirm
debian DSA-890
fedora
  • FEDORA-2009-5118
  • FLSA-2006:174479
  • FLSA:174479
gentoo GLSA-200511-03
mandriva MDKSA-2005:207
misc
osvdb 20471
sectrack 1015149
secunia
  • 17436
  • 17438
  • 17442
  • 17462
  • 17482
  • 17488
  • 17497
  • 17508
  • 17559
  • 34872
  • 35164
suse SUSE-SR:2005:026
ubuntu USN-214-1
vupen ADV-2005-2295
Last major update 07-03-2011 - 21:26
Published 03-11-2005 - 19:02
Last modified 19-10-2018 - 11:35
Back to Top