CVE-2009-5018

Related Files

Mandriva Linux Security Advisory 2011-009

Posted Jan 14, 2011

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-009 - Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png. Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as.p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.

tags | advisory, denial of service, overflow, arbitrary, cgi

systems | linux, mandriva

advisories | CVE-2009-5018, CVE-2010-4694

SHA-256 | 76e0bcc1c9ba81bbf81706d454d9420f4d4853d0b97080829654f06c6930215a

Download | Favorite | View

Gentoo Linux Security Advisory 201101-01

Posted Jan 6, 2011

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-1 - gif2png contains a stack overflow vulnerability when parsing command line arguments. gif2png contains a command line parsing vulnerability that may result in a stack overflow due to an unexpectedly long input filename. Versions less than 2.5.1-r1 are affected.

tags | advisory, overflow

systems | linux, gentoo

advisories | CVE-2009-5018

SHA-256 | dcda8a8e122d53320b8fc700937fe1ca16e01215b17654c07bafb7692f106e7d

Download | Favorite | View