The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895.
References
Link Providers
http://cups.org/str.php?L3867 cve-icon cve-icon
http://git.gnome.org/browse/gimp/commit/?id=376ad788c1a1c31d40f18494889c383f6909ebfc cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064600.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-August/064873.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065527.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065539.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065550.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065651.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2012-1180.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2012-1181.html cve-icon cve-icon
http://secunia.com/advisories/45621 cve-icon cve-icon
http://secunia.com/advisories/45900 cve-icon cve-icon
http://secunia.com/advisories/45945 cve-icon cve-icon
http://secunia.com/advisories/45948 cve-icon cve-icon
http://secunia.com/advisories/46024 cve-icon cve-icon
http://secunia.com/advisories/48236 cve-icon cve-icon
http://secunia.com/advisories/48308 cve-icon cve-icon
http://secunia.com/advisories/50737 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201209-23.xml cve-icon cve-icon
http://www.debian.org/security/2011/dsa-2354 cve-icon cve-icon
http://www.debian.org/security/2012/dsa-2426 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 cve-icon cve-icon
http://www.openwall.com/lists/oss-security/2011/08/10/10 cve-icon cve-icon
http://www.redhat.com/support/errata/RHSA-2011-1635.html cve-icon cve-icon
http://www.securityfocus.com/bid/49148 cve-icon cve-icon
http://www.securitytracker.com/id?1025929 cve-icon cve-icon
http://www.swi-prolog.org/bugzilla/show_bug.cgi?id=7#c4 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1207-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-1214-1 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=727800 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=730338 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2011-2896 cve-icon
https://www.cve.org/CVERecord?id=CVE-2011-2896 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2011-08-19T17:00:00

Updated: 2024-08-06T23:15:31.669Z

Reserved: 2011-07-27T00:00:00

Link: CVE-2011-2896

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-08-19T17:55:03.317

Modified: 2024-11-21T01:29:13.487

Link: CVE-2011-2896

cve-icon Redhat

Severity : Moderate

Publid Date: 2011-08-10T00:00:00Z

Links: CVE-2011-2896 - Bugzilla