Vulnerabilities > CVE-2022-24191 - Infinite Loop vulnerability in multiple products

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
htmldoc-project
fedoraproject
CWE-835
NVD
Published: 2022-04-04
Updated: 2023-11-07

Summary

In HTMLDOC 1.9.14, an infinite loop in the gif_read_lzw function can lead to a pointer arbitrarily pointing to heap memory and resulting in a buffer overflow.

Vulnerable Configurations

Part Description Count
Application
Htmldoc_Project
46
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)

References