Skip to main content

Ngiflib CVE-2023-39113

MEDIUM
2023-08-02 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Aug 02, 2023 - 23:15 nvd
MEDIUM 5.5

DescriptionNVD

ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the program gif2tga.

AnalysisAI

ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

ngiflib commit fb271 was discovered to contain a segmentation violation via the function "main" at gif2tag.c. This vulnerability is triggered when running the program gif2tga. Affected products include: Miniupnp Project Ngiflib.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-11576 CRITICAL POC
9.8 May 31

ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. Rated critical severity (CVS

CVE-2018-11575 CRITICAL POC
9.8 May 31

ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. Rated critical severity (CVSS 9.8),

CVE-2021-36531 HIGH POC
8.8 Aug 27

ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70 in NGIFLIB_NO_FILE mode, GetByte() reads memory buffer with

CVE-2021-36530 HIGH POC
8.8 Aug 27

ngiflib 0.4 has a heap overflow in GetByteStr() at ngiflib.c:108 in NGIFLIB_NO_FILE mode, GetByteStr() copy memory buffe

CVE-2019-16346 HIGH POC
8.8 Sep 16

ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngiflib.c when called from DecodeGifImg, because deinter

CVE-2018-10717 HIGH POC
8.8 May 03

The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure

CVE-2018-10677 HIGH POC
8.8 May 02

The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allo

CVE-2019-19011 HIGH POC
7.5 Nov 17

MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueColor in ngiflib.c via a file that lacks a palette.

CVE-2018-11578 MEDIUM POC
6.5 May 31

GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. Rated medium severity (CVSS 6.5), thi

CVE-2023-39114 MEDIUM POC
5.5 Aug 02

ngiflib commit 84a75 was discovered to contain a segmentation violation via the function SDL_LoadAnimatedGif at ngiflibS

CVE-2023-37748 MEDIUM POC
5.5 Jul 19

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c. Rated mediu

CVE-2019-16347 HIGH
8.8 Sep 16

ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinte

Share

CVE-2023-39113 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy