Bug 171417 - CVE-2005-2974 Several libungif issues (CVE-2005-3350)
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: libungif
Version: 4
Hardware: All Linux
Priority: medium Severity: high
Assigned To: Matthias Clasen
Whiteboard: impact=important,source=vendorsec,pub...
Keywords: Security
Reported: 2005-10-21 12:16 EDT by Josh Bressers
Modified: 2007-11-30 17:11 EST
Fixed In Version: libungif-4.1.3-3.fc4.2
Doc Type: Bug Fix
Last Closed: 2005-11-08 08:39:48 EST
Description Josh Bressers 2005-10-21 12:16:38 EDT
+++ This bug was initially created as a clone of Bug #171413 +++

Chris Evans reported several issues with libungif to vendor-sec.  They have been
fixed in libungif-4.1.4, but not noted as security issues.

"I believe that the recently released libungif-4.1.4 fixes these
crashes. Credit here must go to Daniel Eisenbud who independently
noticed libungif crashes _and_ patched it to fix it."
Comment 1 Josh Bressers 2005-10-21 12:17:27 EDT
This issue should also affect FC3
Comment 2 Josh Bressers 2005-10-27 19:14:21 EDT
bad1.gif triggers a NULL dereference crash
CVE-2005-2974 libungif NULL pointer deref

bad2 and bad3 trigger out of bounds memory access crashes.  bad2 may
possibly allow for arbitrary code execution as it's an OOB write.
CVE-2005-3350 libungif OOB access
Comment 3 Josh Bressers 2005-11-03 10:46:36 EST
Lifting embargo
Comment 4 Fedora Update System 2005-11-03 12:15:57 EST
From User-Agent: XML-RPC

libungif-4.1.3-1.fc3.2 has been pushed for FC3, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 5 Fedora Update System 2005-11-03 12:16:10 EST
From User-Agent: XML-RPC

libungif-4.1.3-3.fc4.2 has been pushed for FC4, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
