PT-2019-16621 · Libsixel+1 · Libsixel+1

Cool-Tomato

Publicado

2019-01-02

Atualizado

2024-12-20

CVE-2019-3573

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libsixel version 1.8.2

Description The issue is related to an infinite loop in the sixel decode raw impl() function, located in the fromsixel.c file. This has been demonstrated using sixel2png.

Recommendations For libsixel version 1.8.2, consider avoiding the use of the sixel decode raw impl() function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Infinite Loop

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-835

Identificadores relacionados

ALT-PU-2020-2902

ALT-PU-2024-17256

CVE-2019-3573

Produtos afetados

Alt Linux

Libsixel

PT-2019-16621 · Libsixel+1 · Libsixel+1

CVE-2019-3573

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9