CVE-2005-2974 - libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file t

CVE-2005-2974

Summary

libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.

References

Vulnerable Configurations

cpe:2.3:a:libungif:libungif:*:*:*:*:*:*:*:*
cpe:2.3:a:libungif:libungif:*:*:*:*:*:*:*:*
cpe:2.3:a:libungif:libungif:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:libungif:libungif:4.1.3:*:*:*:*:*:*:*

CVSS

Base:	2.6 (as of 13-02-2023 - 02:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:H/Au:N/C:N/I:N/A:P

oval via4

accepted

2013-04-29T04:10:33.614-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 3
oval oval:org.mitre.oval:def:11782
comment CentOS Linux 3.x
oval oval:org.mitre.oval:def:16651
comment The operating system installed on the system is Red Hat Enterprise Linux 4
oval oval:org.mitre.oval:def:11831
comment CentOS Linux 4.x
oval oval:org.mitre.oval:def:16636
comment Oracle Linux 4.x
oval oval:org.mitre.oval:def:15990
comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.

family

unix

oval:org.mitre.oval:def:10994

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.

version

redhat via4

advisories

rhsa
id RHSA-2005:828
rhsa
id RHSA-2009:0444

rpms

libungif-0:4.1.0-15.el3.3
libungif-0:4.1.3-1.el4.2
libungif-debuginfo-0:4.1.0-15.el3.3
libungif-debuginfo-0:4.1.3-1.el4.2
libungif-devel-0:4.1.0-15.el3.3
libungif-devel-0:4.1.3-1.el4.2
libungif-progs-0:4.1.3-1.el4.2
giflib-0:4.1.3-7.1.el5_3.1
giflib-debuginfo-0:4.1.3-7.1.el5_3.1
giflib-devel-0:4.1.3-7.1.el5_3.1
giflib-utils-0:4.1.3-7.1.el5_3.1

refmap via4

bid	15304
confirm	http://sourceforge.net/project/shownotes.php?release_id=364493 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171413
debian	DSA-890
fedora	FEDORA-2005-1045 FEDORA-2005-1046 FEDORA-2009-5118 FLSA-2006:174479 FLSA:174479
gentoo	GLSA-200511-03
mandriva	MDKSA-2005:207
misc	http://bugs.gentoo.org/show_bug.cgi?id=109997 http://scary.beasts.org/security/CESA-2005-007.txt
osvdb	20470
sectrack	1015149
secunia	17436 17438 17442 17462 17482 17488 17497 17508 17559 34872 35164
suse	SUSE-SR:2005:026
ubuntu	USN-214-1
vupen	ADV-2005-2295

Last major update

13-02-2023 - 02:15

Published

04-11-2005 - 00:02

Last modified

13-02-2023 - 02:15