gif2png 2.5.2 - Remote Buffer Overflow
| EKU-ID: 39083 | CVE: CVE-2009-5018;OSVDB-63300 | OSVDB-ID: |
| Author: Razuel Akaharnath | Published: 2009-12-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 39083 | CVE: CVE-2009-5018;OSVDB-63300 | OSVDB-ID: |
| Author: Razuel Akaharnath | Published: 2009-12-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/41801/info gif2png is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions. gif2png 2.5.2 is vulnerable; other versions may also be affected. $> ./gif2png $(perl -e 'print "A" x 1053')