CVE-2018-10717
Last modified
CVE-2018-10717 is a vulnerability of currently unknown severity. The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.. EPSS estimates a 2.02% chance of exploitation in the next 30 days.
Description
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Miniupnp Project | Ngiflib | 0.4 |
References
- https://github.com/miniupnp/ngiflib/issues/3Exploit, Third Party Advisory
- https://github.com/miniupnp/ngiflib/issues/3Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-10717?
How severe is CVE-2018-10717?
How do I fix CVE-2018-10717?
Are you affected by CVE-2018-10717?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST