OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c.
References
Configurations
History
14 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Oct 2023, 20:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:optipng_project:optipng:0.7.7:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-120 | |
First Time |
Optipng Project
Optipng Project optipng |
|
References | (MISC) https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/optipng-global-buffer-overflow1/optipng-global-buffer-overflow1.md - Exploit, Third Party Advisory | |
References | (MISC) http://optipng.sourceforge.net/ - Product | |
References | (MISC) https://sourceforge.net/projects/optipng/files/OptiPNG/optipng-0.7.7/optipng-0.7.7.tar.gz/download?use_mirror=udomain&download= - Product |
01 Oct 2023, 03:02
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-01 01:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-43907
Mitre link : CVE-2023-43907
CVE.ORG link : CVE-2023-43907
JSON object : View
Products Affected
optipng_project
- optipng
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')