PT-2017-17429 · Apng2Gif · Apng2Gif

Dileep Kumar Jallepalli

Published

2017-03-17

Updated

2022-02-04

CVE-2017-6962

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions apng2gif version 1.7

Description An issue was discovered related to an integer overflow, resulting in a heap-based buffer overflow. This issue is connected to the read chunk function, which performs an unchecked addition of 12.

Recommendations For apng2gif version 1.7, consider applying a patch or fix that checks for integer overflows in the read chunk function to prevent heap-based buffer overflows. As a temporary workaround, restrict the use of the read chunk function until a patch is available.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2017-6962

DLA-2911-1

Affected Products

Apng2Gif

PT-2017-17429 · Apng2Gif · Apng2Gif

CVE-2017-6962

Weakness Enumeration

Related Identifiers

Affected Products

References · 9