17 matches found
CVE-2023-39114
CVE-2023-39114 affects ngiflib (commit 84a75) with a segmentation violation in SDL_LoadAnimatedGif inside ngiflibSDL.c when running SDLaffgif. Documented impact: MEDIUM severity (CVSS v3.1: 5.5) with local attack vector, no privileges required, user interaction needed, and availability impact rat...
CVE-2018-11575
CVE-2018-11575 affects MiniUPnP ngiflib 0.4; a stack-based buffer overflow occurs in DecodeGifImg of ngiflib.c. This is described as potentially allowing arbitrary code execution or denial of service. Attack vector is network-based with low complexity per the NVD entry; CVSS metrics indicate high...
CVE-2018-11578
The CVE-2018-11578 entry concerns MiniUPnP ngiflib 0.4, where GifIndexToTrueColor in ngiflib.c is reported to cause a segmentation fault. The description consistently states that a segmentation fault occurs in the GifIndexToTrueColor routine of the ngiflib.c file within MiniUPnP ngiflib 0.4. Mult...
CVE-2018-11657
The CVE-2018-11657 issue affects MiniUPnP’s ngiflib 0.4, specifically the DecodeGifImg and LoadGif routines, which can enter an infinite loop. The vulnerability is described across multiple sources (NVD, Red Hat, OSV, CVE listings) as ngiflib.c in MiniUPnP ngiflib 0.4 with an infinite loop in tho...
CVE-2021-36531
NGIFLIB 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, where GetByte() reads beyond the memory buffer. Documented as CVE-2021-36531 . NVD reports CVSSv3.1 base score 8.8 (Network, High impact on confidentiality, integrity, availability). No remediation/patch details...
CVE-2023-37748
CVE-2023-37748 concerns ngiflib; the issue is an infinite loop in the DecodeGifImg function of ngiflib.c within commit 5e7292. Documented impact indicates MEDIUM base criticality with local attack vector, requiring user interaction and resulting in HIGH availability impact. Connected PT-2023-2609...
CVE-2018-10717
CVE-2018-10717 affects MiniUPnP ngiflib 0.4. The DecodeGifImg function in ngiflib.c does not correctly bound the pixels data structure, allowing a remote attacker to trigger a denial of service via a heap-based buffer overflow when processing a crafted GIF file, with the impact described as possi...
CVE-2018-11576
CVE-2018-11576 affects MiniUPnP ngiflib 0.4, where a heap-based buffer over-read occurs in GifIndexToTrueColor within ngiflib.c. Multiple sources (NVD, CNVD, OSV, PRION) report this as a high-severity vulnerability with a network attack vector and no authentication required; CVSSv3 base score 9.8...
CVE-2019-20219
The CVE-2019-20219 entry concerns ngiflib 0.4, which contains a heap-based buffer over-read in GifIndexToTrueColor in ngiflib.c. The vulnerability is described consistently across sources (NVD, Red Hat, CNVD, OSV, etc.). Affects the GifIndexToTrueColor function in ngiflib.c of ngiflib 0.4; exploi...
CVE-2021-36530
CVE-2021-36530 affects ngiflib 0.4. The vulnerability is a heap overflow in GetByteStr() (ngiflib.c:108) under NGIFLIB_NO_FILE mode where GetByteStr() copies memory without boundary checks, potentially impacting confidentiality, integrity, and availability (CVSS v3.1: HIGH, NETWORK attack, no aut...
CVE-2019-16347
The vulnerability CVE-2019-16347 affects ngiflib 0.4, describing a heap-based buffer overflow in WritePixels() within ngiflib.c when DecodeGifImg is invoked. The root cause is mishandled deinterlacing for small pictures, which streams into a heap overflow condition. The connected advisories (Red ...
CVE-2019-19011
Summary: CVE-2019-19011 affects MiniUPnP ngiflib 0.4 and is a NULL pointer dereference in GifIndexToTrueColor (ngiflib.c) when parsing a GIF file that lacks a color palette. Multiple connected sources (CNVD-2020-41519 and RH: CVE-2019-19011 entries) confirm the vulnerable component and function, ...
CVE-2022-30858
CVE-2022-30858 affects ngiflib 0.4. The issue is a SEGV in SDL_LoadAnimatedGif when using SDLaffgif, with a proof-of-concept: ./SDLaffgif CA_file2_0. Connected sources consistently describe a memory crash caused by this path; no public details on patches or mitigations are provided in the supplie...
CVE-2019-16346
CVE-2019-16346 concerns ngiflib 0.4, where a heap-based buffer overflow occurs in WritePixel() of ngiflib.c when invoked via DecodeGifImg. The root cause is described as mishandled deinterlacing for small pictures, leading to memory corruption. The available references document this vulnerability...
CVE-2023-39113
CVE-2023-39113 affects ngiflib (a C library for decoding GIFs). The vulnerability is a segmentation fault in the main function of gif2tag.c, triggered when running the gif2tga tool. Documented impact indicates a segmentation fault (availability impact) but does not provide exploitable vectors, af...
CVE-2018-10677
Summary: The vulnerability affects MiniUPnP ngiflib 0.4, specifically the DecodeGifImg function in ngiflib.c, which does not correctly validate width/height bounds. This lack of validation can enable a remote attacker to trigger a denial of service via a heap-based WritePixels buffer overflow and...
CVE-2020-24221
The CVE-2020-24221 vulnerability is in miniupnp ngiflib version 0.4, specifically the GetByte function. A crafted GIF file can trigger an infinite loop, enabling a local DoS. The connected sources consistently describe a local-denial-of-service condition without details on affected platforms beyo...