Vulnerabilities > CVE-2017-18120 - Double Free vulnerability in Lcdf Gifsicle 1.90

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
lcdf
CWE-415
nessus

Summary

A double-free bug in the read_gif function in gifread.c in gifsicle 1.90 allows a remote attacker to cause a denial-of-service attack or unspecified other impact via a maliciously crafted file, because last_name is mishandled, a different vulnerability than CVE-2017-1000421.

Vulnerable Configurations

Part Description Count
Application
Lcdf
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-202C536F70.NASL
    descriptionUpdate to 1.91 - fixes double-free in read_gif Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2019-01-03
    plugin id120284
    published2019-01-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/120284
    titleFedora 28 : gifsicle (2018-202c536f70)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2018-9892225623.NASL
    descriptionUpdate to 1.91 - fixes double-free in read_gif Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-05
    modified2018-05-31
    plugin id110253
    published2018-05-31
    reporterThis script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/110253
    titleFedora 27 : gifsicle (2018-9892225623)