Vulnerabilities > CVE-2021-45909 - Out-of-bounds Write vulnerability in multiple products

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

gif2apng-project

debian

CWE-787

NVD

Published: 2021-12-28

Updated: 2022-04-06

Summary

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer.

Vulnerable Configurations

Part	Description	Count
Application	Gif2Apng_Project Gif2Apng Project Gif2Apng 1.9	1
OS	Debian Debian Debian Linux 9.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002668
https://lists.debian.org/debian-lts-announce/2022/03/msg00008.html