5.1

CVE-2011-2896

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

Data is provided by the National Vulnerability Database (NVD)
Swi-prologSwi-prolog Version <= 5.10.4
AppleCups Version <= 1.4.6
GimpGimp Version <= 2.6.11
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 5.27% 0.89
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.openwall.com/lists/oss-security/2011/08/10/10
Patch
Third Party Advisory
Mailing List
http://cups.org/str.php?L3867
Patch
Third Party Advisory
http://www.securityfocus.com/bid/49148
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id?1025929
Third Party Advisory
Broken Link
VDB Entry
http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=727800
Patch
Third Party Advisory
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=730338
Third Party Advisory
Issue Tracking