oss-sec mailing list archives
Re: CVE request: GIF loader buffer overflow when initializing decompression tables
From: Tomas Hoger <thoger () redhat com>
Date: Fri, 19 Aug 2011 10:25:34 +0200
On Tue, 2 Aug 2011 17:34:28 +0200 Thomas Biege wrote:
The same flaw was previously reported for several other components that include GIF reading code based on David Koblas' parser, such as: gd (CVE-2006-4484), SDL_image (CVE-2007-6697), tk (CVE-2008-0553), netpbm (CVE-2008-0554), cups (CVE-2008-1373).
A similar issue was spotted in XPCE when reviewing the upstream fix for CVE-2011-2896: http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c2
--
Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE request: GIF loader buffer overflow when initializing decompression tables Thomas Biege (Aug 02)
- Re: CVE request: GIF loader buffer overflow when initializing decompression tables Tomas Hoger (Aug 03)
- Re: CVE request: GIF loader buffer overflow when initializing decompression tables Tomas Hoger (Aug 19)