The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to 250 bytes outside of the allocated buffer with arbitrary data.
References
Link | Resource |
---|---|
http://web.archive.org/web/20150801185019/ | Broken Link |
https://www.abdn.ac.uk/tools/ibmpc/giftrans/index.hti | Broken Link |
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002739 | Exploit Mailing List Third Party Advisory |
Information
Published : 2022-01-01 13:15
Updated : 2022-01-10 13:31
NVD link : CVE-2021-45972
Mitre link : CVE-2021-45972
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
debian
- debian_linux
giftrans_project
- giftrans