Giflib util/gif2rgb. c Heap Buffer Overflow Vulnerability (CVE-2016-3977)
Giflib util/gif2rgb. c Heap Buffer Overflow Vulnerability (CVE-2016-3977)
Release date:
Updated on:
Affected Systems:
Giflib 5.1.2
Description:
CVE (CAN) ID: CVE-2016-3977
Giflib is a library and utility for processing GIF images.
Giflib 5.1.2 and gif2rgb/util/gif2rgb. c have the heap buffer overflow vulnerability. Using the background color index of GIF files, remote attackers can cause DoS attacks.
<* Source: Andrej Nemec
*>
Suggestion:
Vendor patch:
Giflib
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Https://sourceforge.net/p/giflib/code/ci/ea8dbc5786862a3e16a5acfa3d24e2c2f608cd88/
Https://sourceforge.net/p/giflib/bugs/87/
Https://bugzilla.redhat.com/show_bug.cgi? Id = 1325771
This article permanently updates the link address: