CVE-2015-7555
Summary
| CVE | CVE-2015-7555 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-04-13 15:59:00 UTC |
| Updated | 2018-10-09 19:58:00 UTC |
| Description | Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Fedoraproject | Fedora | 22 | All | All | All |
| Operating System | Fedoraproject | Fedora | 22 | All | All | All |
| Application | Giflib Project | Giflib | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| [SECURITY] Fedora 22 Update: mingw-giflib-5.0.5-4.fc22 | FEDORA | lists.fedoraproject.org | Vendor Advisory |
| Android Security Bulletin—May 2017 | Android Open Source Project | CONFIRM | source.android.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| IBM Flex System Manager Buffer Overflow in Processing GIF Files Lets Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| giflib 5.1.1 Heap Overflow ≈ Packet Storm | MISC | packetstormsecurity.com | Exploit |
| Security Bulletin: A vulnerability in giflib affects IBM Flex System Manager (FSM) (CVE-2015-7555) | CONFIRM | www-01.ibm.com | |
| Full Disclosure: giflib: heap overflow in giffix (CVE-2015-7555) | FULLDISC | seclists.org | Exploit |
| giflib 'util/giffix.c' Heap Based Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.