CVE-2015-8808

CWE-119 — Buffer Overflow8 documents6 sources

Severity

5.5MEDIUM

EPSS

0.3%

top 47.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Graphicsmagick Graphicsmagick Fedoraproject Fedora Suse Linux Enterprise Debuginfo +2 more

Timeline

PublishedJul 13

Latest updateMay 17

Description

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages5 packages

▶Debiangraphicsmagick< 1.3.21-2+3

▶NVDgraphicsmagick/graphicsmagick1.3.17

▶NVDsuse/studio_onsite1.3

▶NVDsuse/linux_enterprise_debuginfo11

▶NVDsuse/linux_enterprise_software_development_kit11

Also affects: Fedora 22

🔴Vulnerability Details

GHSA

GHSA-wjfm-jff2-jgf3: The DecodeImage function in coders/gif↗2022-05-17

▶

CVEList

CVE-2015-8808: The DecodeImage function in coders/gif↗2016-07-13

▶

OSV

CVE-2015-8808: The DecodeImage function in coders/gif↗2016-07-13

▶

📋Vendor Advisories

Debian

CVE-2015-8808: graphicsmagick - The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote ...↗2015

▶

💬Community

Bugzilla

CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files [epel-all]↗2016-02-08

▶

Bugzilla

CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files↗2016-02-08

▶

Bugzilla

CVE-2015-8808 GraphicsMagick: out-of-bound read in the parsing of GIF files [fedora-all]↗2016-02-08

▶