cbcvebase.
CVE-2009-5018
published 2011-01-14

CVE-2009-5018: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line…

PriorityP347medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
10.90%
95.3th percentile
Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png.

Affected

38 ranges· showing 25
VendorProductVersion rangeFixed in
catbgif2png<= 2.5.3
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png
catbgif2png

CVSS provenance

nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.