Miniupnp Project: >> Ngiflib Security Vulnerabilities
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
CVSS Score
8.8
EPSS Score
0.004
Published
2019-09-16
ngiflib.c in MiniUPnP ngiflib 0.4 has an infinite loop in DecodeGifImg and LoadGif.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-06-01
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-05-31
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.
CVSS Score
9.8
EPSS Score
0.004
Published
2018-05-31
GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault.
CVSS Score
6.5
EPSS Score
0.003
Published
2018-05-31
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-05-03
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-05-02
Page 2