Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-6960 | 3 Apng2gif Project, Canonical, Debian | 3 Apng2gif, Ubuntu Linux, Debian Linux | 2023-01-20 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer over-read, related to the load_apng function and the imagesize variable. | |||||
CVE-2017-6962 | 1 Apng2gif Project | 1 Apng2gif | 2017-03-20 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12. | |||||
CVE-2017-6961 | 1 Apng2gif Project | 1 Apng2gif | 2017-03-20 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amount of memory to allocate. |