CVE-2018-10717
- Source
- https://cve.org/CVERecord?id=CVE-2018-10717
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10717.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-10717
- Published
- 2018-05-03T17:29:00.337Z
- Modified
- 2026-03-14T09:27:15.448849Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file, a different vulnerability than CVE-2018-10677.
- References
Affected packages
Git / github.com/miniupnp/ngiflib
Database specific
vanir_signatures
[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"40222433432064176082929800575717582465",
"62846274079341447038045936196904926572",
"99371066332013005687906997522328674330",
"76250921569557969998899316023094286860",
"250713858605029592680074110365031688960",
"181493249242074076664243472717836837458",
"153240117329045849680495743636463112608",
"336845674459016304589281855031853285477"
]
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2018-10717-05028e87",
"target": {
"file": "ngiflib.c"
},
"source": "https://github.com/miniupnp/ngiflib/commit/cf429e0a2fe26b5f01ce0c8e9b79432e94509b6e"
},
{
"digest": {
"length": 5952.0,
"function_hash": "43287928949454851532720211538029385299"
},
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2018-10717-7deeec36",
"target": {
"function": "DecodeGifImg",
"file": "ngiflib.c"
},
"source": "https://github.com/miniupnp/ngiflib/commit/cf429e0a2fe26b5f01ce0c8e9b79432e94509b6e"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-10717.json"