Executive Summary
Summary | |
---|---|
Title | libungif security update |
Informations | |||
---|---|---|---|
Name | RHSA-2005:828 | First vendor Publication | 2005-11-03 |
Vendor | RedHat | Last vendor Modification | 2005-11-03 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated libungif packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The libungif package contains a shared library of functions for loading and saving GIF format image files. Several bugs in the way libungif decodes GIF images were discovered. An attacker could create a carefully crafted GIF image file in such a way that it could cause an application linked with libungif to crash or execute arbitrary code when the file is opened by a victim. The Common Vulnerabilities and Exposures project has assigned the names CVE-2005-2974 and CVE-2005-3350 to these issues. All users of libungif are advised to upgrade to these updated packages, which contain backported patches that resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 171413 - CVE-2005-2974 Several libungif issues (CVE-2005-3350) |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2005-828.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10994 | |||
Oval ID: | oval:org.mitre.oval:def:10994 | ||
Title: | libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | ||
Description: | libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-2974 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21867 | |||
Oval ID: | oval:org.mitre.oval:def:21867 | ||
Title: | ELSA-2009:0444: giflib security update (Important) | ||
Description: | libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0444-01 CVE-2005-2974 CVE-2005-3350 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | giflib |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29286 | |||
Oval ID: | oval:org.mitre.oval:def:29286 | ||
Title: | RHSA-2009:0444 -- giflib security update (Important) | ||
Description: | Updated giflib packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The giflib packages contain a shared library of functions for loading and saving GIF image files. This library is API and ABI compatible with libungif, the library that supported uncompressed GIF image files while the Unisys LZW patent was in effect. Several flaws were discovered in the way giflib decodes GIF images. An attacker could create a carefully crafted GIF image that could cause an application using giflib to crash or, possibly, execute arbitrary code when opened by a victim. (CVE-2005-2974, CVE-2005-3350) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0444 CESA-2009:0444-CentOS 5 CVE-2005-2974 CVE-2005-3350 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | giflib |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9314 | |||
Oval ID: | oval:org.mitre.oval:def:9314 | ||
Title: | libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | ||
Description: | libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3350 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for giflib CESA-2009:0444 centos5 i386 File : nvt/gb_CESA-2009_0444_giflib_centos5_i386.nasl |
2009-10-10 | Name : SLES9: Security update for libungif File : nvt/sles9p5011022.nasl |
2009-06-23 | Name : Fedora Core 10 FEDORA-2009-4848 (giflib) File : nvt/fcore_2009_4848.nasl |
2009-05-20 | Name : Fedora Core 9 FEDORA-2009-5118 (giflib) File : nvt/fcore_2009_5118.nasl |
2009-04-28 | Name : RedHat Security Advisory RHSA-2009:0444 File : nvt/RHSA_2009_0444.nasl |
2009-04-28 | Name : CentOS Security Advisory CESA-2009:0444 (giflib) File : nvt/ovcesa2009_0444.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200511-03 (giflib) File : nvt/glsa_200511_03.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 890-1 (libungif4) File : nvt/deb_890_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
20471 | libungif/giflib Crafted .gif File Arbitrary Code Execution A remote overflow exists in libungif. The library fails to properly validate colormaps in GIF files, resulting in out-of-bounds writes and memory corruption. When a program using libungif opens a specially crafted GIF file, an attacker may be able to cause arbitrary code execution, resulting in a loss of integrity. |
20470 | libungif/giflib Malformed .gif File NULL Dereference DoS libungif contains a flaw that may allow a remote denial of service. The issue is triggered when a program using libungif opens a specially crafted GIF file. Due to a flaw in the library, this may cause the ColorMaps value incorrectly when freeing a colormap object, and will result in the program crashing with a NULL dereference. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0444.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090422_giflib_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0444.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_10556.nasl - Type : ACT_GATHER_INFO |
2009-06-19 | Name : The remote Fedora host is missing a security update. File : fedora_2009-4848.nasl - Type : ACT_GATHER_INFO |
2009-05-19 | Name : The remote Fedora host is missing a security update. File : fedora_2009-5118.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0444.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-890.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-828.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-207.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-214-1.nasl - Type : ACT_GATHER_INFO |
2005-11-07 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200511-03.nasl - Type : ACT_GATHER_INFO |
2005-11-04 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-1045.nasl - Type : ACT_GATHER_INFO |
2005-11-04 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-1046.nasl - Type : ACT_GATHER_INFO |
2005-11-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-828.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:49:45 |
|