CVE-2016-3177
Published 2017-01-23
CVE-2016-3177: Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
Priority: P336 critical, 9.8 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.63% (73.3th percentile)
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | giflib | < giflib 5.1.4-0.1 (bookworm) | giflib 5.1.4-0.1 (bookworm) |
| giflib_project | giflib | — | — |
| giflib_project | giflib | >= 0 < 5.1.4-0.1 | 5.1.4-0.1 |
| giflib_project | giflib | >= 0 < 5.1.4-0.1 | 5.1.4-0.1 |
| giflib_project | giflib | >= 0 < 5.1.4-0.1 | 5.1.4-0.1 |
| giflib_project | giflib | >= 0 < 5.1.4-0.1 | 5.1.4-0.1 |
CVSS provenance
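| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | | 9.8 | CRITICAL | |
| vendor_debian | | 9.8 | LOW | |
| vendor_redhat | | 9.8 | CRITICAL | |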
GHSA
GHSA-7594-89x5-4cr4: Multiple use-after-free and double-free vulnerabilities in gifcolor
ghsa_unreviewed·2022-05-17
CVE-2016-3177 [CRITICAL] CWE-415 GHSA-7594-89x5-4cr4: Multiple use-after-free and double-free vulnerabilities in gifcolor
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
OSV
tomcat6, tomcat7 regression
osv·2017-02-02·CVSS 5.9
USN-3177-1 fixed vulnerabilities in Tomcat. The update introduced a
regression in environments where Tomcat is started with a security manager.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the Tomcat realm implementations incorrectly handled
passwords when a username didn't exist. A remote attacker could possibly
use this issue to enumerate usernames. This issue only applied to Ubuntu
12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-0762)
Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly
limited use of a certain utility method. A malicious application could
possibly use this to bypass Security Manager restrictions. This issue only
applied to Ubuntu 12.04 LT
OSV
CVE-2016-3177: Multiple use-after-free and double-free vulnerabilities in gifcolor
osv·2017-01-23·CVSS 9.8
CVE-2016-3177 [CRITICAL] CVE-2016-3177: Multiple use-after-free and double-free vulnerabilities in gifcolor
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
Red Hat
giflib: Use-after-free in gifcolor utility
vendor_redhat·2016-03-15·CVSS 9.8
CVE-2016-3177 [CRITICAL] CWE-416 giflib: Use-after-free in gifcolor utility
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
Statement: This issue did not affect the versions of giflib as shipped with Red Hat Enterprise Linux 5, 6, and 7.
Package: giflib (Red Hat Enterprise Linux 5) - Not affected
Package: giflib (Red Hat Enterprise Linux 6) - Not affected
Package: giflib (Red Hat Enterprise Linux 7) - Not affected
Package: phantomjs (Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools) - Not affected
Package: phantomjs (Red Hat OpenStack Platform 8 (Liberty) Operational Tools) - Not affected
Debian
CVE-2016-3177: giflib - Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB ...
vendor_debian·2016·CVSS 9.8
CVE-2016-3177 [CRITICAL] CVE-2016-3177: giflib - Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB ...
Multiple use-after-free and double-free vulnerabilities in gifcolor.c in GIFLIB 5.1.2 have unspecified impact and attack vectors.
Scope: local
bookworm: resolved (fixed in 5.1.4-0.1)
bullseye: resolved (fixed in 5.1.4-0.1)
forky: resolved (fixed in 5.1.4-0.1)
sid: resolved (fixed in 5.1.4-0.1)
trixie: resolved (fixed in 5.1.4-0.1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2016-3177 mingw-giflib: giflib: Use-after-free in gifcolor utility [fedora-all]
bugzilla·2016-03-16·CVSS 9.8
CVE-2016-3177 [CRITICAL] CVE-2016-3177 mingw-giflib: giflib: Use-after-free in gifcolor utility [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versio
Bugzilla
CVE-2016-3177 giflib: Use-after-free in gifcolor utility [fedora-all]
bugzilla·2016-03-16·CVSS 9.8
CVE-2016-3177 [CRITICAL] CVE-2016-3177 giflib: Use-after-free in gifcolor utility [fedora-all]
NOTE: this issue affects multiple supported versions of Fedora.
Bugzilla
CVE-2016-3177 giflib: Use-after-free in gifcolor utility
bugzilla·2016-03-03·CVSS 9.8
CVE-2016-3177 [CRITICAL] CVE-2016-3177 giflib: Use-after-free in gifcolor utility
Multiple use-after-free vulnerabilities in gifcolor.c were found in 5.1.2. Two possible consecutive calls to EGifCloseFile with the same first parameter (GifFile) could lead to two calls to free(GifFile) / free(Private->HashTable) / free(Private). In particular, the second call of free(GifFile) appears in egif_lib.c, where there is no check to know if 'ErrorCode!=NULL' for this free. Since Private is freed with the first call to EGifCloseFile and used during the second call, this results in a use-after-free.
Discussion:
Acknowledgments:
Name: Josselin Feist
---
Upstream bug:
https://sourceforge.net/p/giflib/bugs/83/
---
Created giflib tracking bugs for this issue:
Affects: fedora-all [bug 1318264]
---
Created mingw-giflib t