CVE-2019-15133 — Divide By Zero in Project Giflib
Severity
6.5MEDIUMNVD
OSV5.5
EPSS
0.2%
top 57.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 17
Latest updateMay 24
Description
In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height field of the ImageSize data structure is equal to zero.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6
Affected Packages3 packages
Also affects: Debian Linux 10.0, Ubuntu Linux 16.04, 18.04, 19.04
🔴Vulnerability Details
4GHSA▶
GHSA-fhp4-279c-9rhq: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib↗2022-05-24
CVEList▶
CVE-2019-15133: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib↗2019-08-17
OSV▶
CVE-2019-15133: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib↗2019-08-17
📋Vendor Advisories
3💬Community
3Bugzilla▶
CVE-2019-15133 mingw-giflib: giflib: divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c [fedora-all]↗2019-11-12
Bugzilla▶
CVE-2019-15133 giflib: divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c [fedora-all]↗2019-11-12
Bugzilla▶
CVE-2019-15133 giflib: divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c↗2019-11-12