CVE-2006-4484 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cups

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer36 documents7 sources

Severity

7.5HIGHNVD

NVD6.8NVD5.8NVD2.6OSV2.6

EPSS

6.4%

top 8.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple Cups Debian Cups Debian Libgd2 +9 more

Timeline

PublishedAug 31

Latest updateMay 3

Description

Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages12 packages

▶debiandebian/libgd2< libgd2 2.0.33-5.1 (bookworm)

▶debiandebian/cups< cups 1.3.7-1 (bookworm)

▶debiandebian/libtk-img< libtk-img 1:1.3-release-7 (bookworm)

▶debiandebian/xloadimage< libgd2 2.0.33-5.1 (bookworm)

▶debiandebian/netpbm-free< netpbm-free 10.0-11.1 (bookworm)

Patches

Patch: cvs.php.net ↗Patch: cvs.php.net ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-6xv8-25r4-5mrf: Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in↗2022-05-03

▶

GHSA

GHSA-q3qj-hhm6-3g3m: Buffer overflow in the readImageData function in giftopnm↗2022-05-01

▶

GHSA

GHSA-r8gv-4rq7-chfp: Buffer overflow in the LWZReadByte function in IMG_gif↗2022-05-01

▶

GHSA

GHSA-4gx2-wfcv-mvp8: Buffer overflow in the gif_read_lzw function in CUPS 1↗2022-05-01

▶

GHSA

GHSA-w2px-74cm-hrpr: Stack-based buffer overflow in the ReadImage function in tkImgGIF↗2022-05-01

▶

📋Vendor Advisories

Red Hat

cups: overflow in gif image filter↗2008-04-01

▶

Red Hat

tk: GIF handling buffer overflow↗2008-02-01

▶

Red Hat

netpbm: GIF handling buffer overflow in giftopnm↗2008-02-01

▶

Red Hat

SDL_image: GIF handling buffer overflow↗2008-01-23

▶

Debian

CVE-2008-1373: cups - Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attacke...↗2008

▶

💬Community

Bugzilla

CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow↗2011-08-03

▶

Bugzilla

CVE-2011-2897 gdk-pixbuf: GIF loader buffer overflow when initializing decompression tables↗2011-08-01

▶

Bugzilla

CVE-2008-1373 cups: overflow in gif image filter↗2008-03-20

▶

Bugzilla

CVE-2008-0553 tk: GIF handling buffer overflow↗2008-02-05

▶

Bugzilla

CVE-2008-0553 tk: GIF handling buffer overflow [rawhide]↗2008-02-05

▶