CVE-2015-7555

Published: 13 April 2016

Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.

Notes

Author: msalvatore
Note: patch released in 4.1.6-11+deb8u1

Priority

Low

CVSS 3 base score: 5.5

Status

Package: giflib (Launchpad, Ubuntu, Debian)

Release    Status
artful     Not vulnerable (5.1.2-0.1)
bionic     Not vulnerable (5.1.2-0.1)
cosmic     Not vulnerable (5.1.2-0.1)
disco      Not vulnerable (5.1.2-0.1)
precise    Does not exist (precise was needed)
trusty     Does not exist (trusty was needed)
upstream   Released (4.1.6-11+deb8u1, 5.1.2)
vivid      Ignored (reached end-of-life)
wily       Ignored (reached end-of-life)
xenial     Not vulnerable (5.1.2-0.1)
yakkety    Not vulnerable (5.1.2-0.1)
zesty      Not vulnerable (5.1.2-0.1)

Patches:
upstream: http://sourceforge.net/p/giflib/code/ci/179510be300bf11115e37528d79619b53c884a63