Lucene search
RedhatCVELIST:CVE-2011-2896HistoryAug 19, 2011 - 5:00 p.m.
CVE-2011-2896
2011-08-1917:00:00
redhat
raw.githubusercontent.com
2
The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
Related
openvas
openvas
Mandriva Update for gimp MDVSA-2011:167 (gimp)
2011-11-08 00:00:00
Mandriva Update for gimp MDVSA-2011:167 (gimp)
2011-11-08 00:00:00
FreeBSD Ports: FreeBSD
2012-02-12 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
nessus
nessus
Oracle Linux 6 : cups (ELSA-2011-1635)
2023-09-07 00:00:00
Mandriva Linux Security Advisory : libxfont (MDVSA-2011:153)
2011-10-18 00:00:00
Mandriva Linux Security Advisory : gimp (MDVSA-2011:167)
2011-11-07 00:00:00
cvelist
cvelist
CVE-2011-2895
2011-08-19 17:00:00
CVE-2006-1168
2006-08-14 20:00:00
prion
prion
veracode
veracode
Remote Code Execution (RCE)
2019-01-15 08:52:23
Remote Code Execution (RCE)
2020-04-10 01:07:09
Arbitrary Code Execution
2020-04-10 01:01:36
securityvulns
securityvulns
[USN-1214-1] GIMP vulnerability
2011-09-26 00:00:00
[ MDKSA-2006:140 ] - Updated ncompress packages fix vulnerability
2006-08-10 00:00:00
libXfont memory corruption
2013-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15
2011-08-26 19:12:30
[SECURITY] Fedora 16 Update: pl-5.10.2-5.fc16
2011-09-09 17:09:28
[SECURITY] Fedora 16 Update: cups-1.5.0-6.fc16
2011-08-30 20:39:06
redhat
redhat
(RHSA-2011:1834) Important: libXfont security update
2011-12-19 00:00:00
(RHSA-2006:0663) ncompress security update
2006-09-12 00:00:00
(RHSA-2011:1161) Moderate: freetype security update
2011-08-15 00:00:00
centos
centos
libXfont security update
2011-09-02 16:41:15
freetype security update
2011-08-16 13:02:42
xorg security update
2011-08-14 20:09:20
oraclelinux
oraclelinux
Low ncompress security update
2006-11-30 00:00:00
xorg-x11 security update
2011-08-12 00:00:00
libXfont security update
2011-08-11 00:00:00
cve
cve
gentoo
gentoo
ncompress: Buffer Underflow
2006-10-06 00:00:00
libXfont: Multiple vulnerabilities
2014-02-21 00:00:00
freebsd
freebsd
libXfont -- possible local privilege escalation
2011-07-26 00:00:00
FreeBSD -- errors handling corrupt compress file in compress(1) and gzip(1)
2011-09-28 00:00:00
suse
suse
Security update for Xorg-X11 (important)
2011-12-06 21:08:30
freebsd_advisory
freebsd_advisory
FreeBSD-SA-11:04.compress
2011-09-28 00:00:00
amazon
amazon
Low: busybox
2012-07-05 16:23:00