Vulnerabilities > CVE-2021-45909 - Out-of-bounds Write vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

gif2apng-project

debian

CWE-787

NVD

Published: 2021-12-28

Updated: 2024-11-21

Summary

An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer.

Vulnerable Configurations

Part	Description	Count
Application	Gif2Apng_Project Gif2Apng Project Gif2Apng 1.9	1
OS	Debian Debian Debian Linux 9.0	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002668
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002668
https://lists.debian.org/debian-lts-announce/2022/03/msg00008.html
https://lists.debian.org/debian-lts-announce/2022/03/msg00008.html