DescriptionUse-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2009:006, published Tue, 10 Mar 2009 15:00:00 +0000
- SUSE-SR:2009:012, published Fri, 03 Jul 2009 16:00:00 +0000
SUSE Timeline for this CVECVE page created: Fri Jun 28 03:40:24 2013
CVE page last modified: Fri Oct 7 12:45:45 2022