CVE-2017-6961
MEDIUMapng2gif 1.7 - Denial of Service via Memory Allocation in read_chunk
Title source: llmDescription
An issue was discovered in apng2gif 1.7. There is improper sanitization of user input causing huge memory allocations, resulting in a crash. This is related to the read_chunk function using the pChunk->size value (within the PNG file) to determine the amount of memory to allocate.
References (1)
Core 1
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854441
Scores
CVSS v3
5.5
EPSS
0.0080
EPSS Percentile
52.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
apng2gif_project/apng2gif
1.7
Published
Mar 17, 2017
Tracked Since
Feb 18, 2026