CVE-2011-2896

🗓️ 19 Aug 2011 17:00:00Reported by redhatType

The LZW decompressor in the GIF decoder has a vulnerability in handling code words, allowing remote attackers to trigger infinite loops or buffer overflows. (CVE-2011-2896

Reporter	Title	Published	Views	Family All 158
Tenable Nessus	CentOS 6 : gimp (CESA-2012:1180)	21 Aug 201200:00	–	nessus
Tenable Nessus	CentOS 5 : gimp (CESA-2012:1181)	21 Aug 201200:00	–	nessus
Tenable Nessus	CUPS < 1.4.7 'gif_read_lzw' Buffer Overflow	29 Aug 201100:00	–	nessus
Tenable Nessus	Debian DSA-2354-1 : cups - several vulnerabilities	1 Dec 201100:00	–	nessus
Tenable Nessus	Debian DSA-2426-1 : gimp - several vulnerabilities	7 Mar 201200:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : libXfont (EulerOS-SA-2019-2357)	10 Dec 201900:00	–	nessus
Tenable Nessus	Fedora 16 : gimp-2.6.11-21.fc16 (2011-10761)	23 Aug 201100:00	–	nessus
Tenable Nessus	Fedora 14 : gimp-2.6.11-21.fc14 (2011-10782)	23 Aug 201100:00	–	nessus
Tenable Nessus	Fedora 15 : gimp-2.6.11-21.fc15 (2011-10788)	20 Aug 201100:00	–	nessus
Tenable Nessus	Fedora 16 : cups-1.5.0-6.fc16 (2011-11173)	31 Aug 201100:00	–	nessus

NVD

Node

swi-prolog swi-prologRange≤5.10.4

Node

apple cupsRange≤1.4.6

Node

gimp gimpRange≤2.6.11

Source	Link
cups	www.cups.org/str.php
secunia	www.secunia.com/advisories/48308
redhat	www.redhat.com/support/errata/RHSA-2011-1635.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html
git	www.git.gnome.org/browse/gimp/commit/
secunia	www.secunia.com/advisories/48236
lists	www.lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html
debian	www.debian.org/security/2012/dsa-2426
secunia	www.secunia.com/advisories/45621
secunia	www.secunia.com/advisories/50737

29 Apr 2026 01:13Current

7.3High risk

Vulners AI Score7.3

CVSS 25.1

EPSS0.07216

CWE-787