CVE-2007-6697

EPSS 10.7%

Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/31054unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://bugs.gentoo.org/show_bug.cgi?id=207933 http://marc.info/?l=bugtraq&m=120110205511630&w=2 http://secunia.com/advisories/28640 http://secunia.com/advisories/28752 http://secunia.com/advisories/28830 http://secunia.com/advisories/28837 http://secunia.com/advisories/28850 http://secunia.com/advisories/28869 http://secunia.com/advisories/29542 https://exchange.xforce.ibmcloud.com/vulnerabilities/39865 https://issues.rpath.com/browse/RPL-2206 https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00008.html