CVE-2007-6697 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-6697
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-6697

Description: Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39865 UBUNTU http://www.ubuntu.com/usn/usn-595-1 SAID Secunia Advisory: SA28850 Secunia Advisory: SA28830 Secunia Advisory: SA28640 Secunia Advisory: SA28837 Secunia Advisory: SA28752 Secunia Advisory: SA28869 Secunia Advisory: SA29542 MISC http://vexillium.org/?sec-sdlgif MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2008:040 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200802-01.xml FEDORA DEBIAN http://www.debian.org/security/2008/dsa-1493 CONFIRM http://wiki.rpath.com/Advisories:rPSA-2008-0061 http://bugs.gentoo.org/show_bug.cgi?id=207933 http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970&r2=3462 http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462&view=markup BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/488079/100/0/threaded http://marc.info/?l=bugtraq&m=120110205511630&w=2 BID 27417

Return to the previous page.