Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-3977

Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1.2 allows remote attackers to cause a denial of service (application crash) via the background color index in a GIF file.

Related bugs and status

CVE-2016-3977 (Candidate) is related to these bugs:

Bug #1580376: Update giflib Xenial Package to 5.1.4

		In	Importance	Status
1580376	Update giflib Xenial Package to 5.1.4	giflib (Ubuntu)	Critical	Fix Released
1580376	Update giflib Xenial Package to 5.1.4	One Hundred Papercuts	Critical	Fix Released
1580376	Update giflib Xenial Package to 5.1.4	giflib (Ubuntu Xenial)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://bugs.fi/fuzzing...
CONFIRM: https://bugzilla.redha...
CONFIRM: https://sourceforge.ne...
CONFIRM: https://sourceforge.ne...
SUSE: openSUSE-SU-2016:1111
BID: 88103
SUSE: openSUSE-SU-2016:1219
SUSE: openSUSE-SU-2016:1118
UBUNTU: USN-4107-1