CVE-2011-2896

SWI-Prolog < 5.10.4 - Heap-Based Buffer Overflow in LZW Decompressor

Title source: llm
STIX 2.1

Description

The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.

References (32)

Core 32
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2012/dsa-2426
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201209-23.xml
Patch, Third Party Advisory x_refsource_confirm
http://cups.org/str.php?L3867
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2011/08/10/10
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1207-1
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=727800
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1180.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48308
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2011/dsa-2354
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45948
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2012-1181.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/46024
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45900
Broken Link vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2011-1635.html
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html
Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=730338
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/49148
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:146
Issue Tracking, Third Party Advisory x_refsource_confirm
http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1214-1
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/50737
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2011:167
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/48236
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1025929
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45621
Broken Link third-party-advisory x_refsource_secunia
http://secunia.com/advisories/45945

Scores

EPSS 0.1271
EPSS Percentile 95.8%

Details

CWE
CWE-787
Status published
Products (3)
apple/cups < 1.4.6
gimp/gimp < 2.6.11
swi-prolog/swi-prolog < 5.10.4
Published Aug 19, 2011
Tracked Since Feb 18, 2026