VDB
CVE-2007-6697
CVE-2007-6697
PUBLISHED
CVSS 7.5 HIGH
Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.
EPSS 23.39% · 96.1th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
23.39%
96.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| sdl | sdl_image | 0 |
Timeline
- Feb 1, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
References
- http://secunia.com/advisories/28837 url
- http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/IMG_gif.c?r1=2970&r2=3462 url
- sdlimage-gif-bo(39865) vdb
- 28869 third-party-advisory
- 28850 third-party-advisory
- FEDORA-2008-1208 vendor-advisory
- 28752 third-party-advisory
- https://issues.rpath.com/browse/RPL-2206 url
- FEDORA-2008-1231 vendor-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=207933 url
- http://www.libsdl.org/cgi/viewvc.cgi/trunk/SDL_image/CHANGES?revision=3462&view=markup url
- 29542 third-party-advisory
- DSA-1493 vendor-advisory
- 27417 vdb
- 28640 third-party-advisory
- http://wiki.rpath.com/Advisories:rPSA-2008-0061 url
- 20080213 rPSA-2008-0061-1 SDL_image mailing-list
- 28830 third-party-advisory
- 20080123 SDL_Image 1.2.6 and prior GIF handling buffer overflow mailing-list
- GLSA-200802-01 vendor-advisory
…and 5 more