CVE-2016-3977

NONE EPSS 79.6%
Published: Apr 21, 2016
Last Modified: Jun 17, 2026

Description

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

Threat Intelligence

EPSS Exploit Probability
79.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer (Memory Safety)

Affected Products 2

Vendor          Product    Version   Range
opensuse        opensuse   13.2      any
giflib_project  giflib     *         ≤5.1.2

References 9

Remediation

  • sourceforge.net https://sourceforge.net/p/giflib/bugs/87/
    Patch
  • sourceforge.net https://sourceforge.net/p/giflib/code/ci/ea8dbc5786862a3e16a5acfa3d24e2c2f608cd88/
    Patch, Vendor Advisory