Nixpkgs Security Tracker

Untriaged

Permalink CVE-2015-7505

created 1 month ago

Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in …

Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file.

References

http://www.securityfocus.com/archive/1/archive/1/537128/100/0/threaded x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/70 x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/70 x_refsource_MISC x_transferred
http://www.securityfocus.com/archive/1/archive/1/537128/100/0/threaded x_refsource_MISC x_transferred
http://www.securityfocus.com/archive/1/archive/1/537128/100/0/threaded x_refsource_MISC
http://seclists.org/fulldisclosure/2015/Dec/70 x_refsource_MISC
http://www.securityfocus.com/archive/1/archive/1/537128/100/0/threaded x_refsource_MISC x_transferred
http://seclists.org/fulldisclosure/2015/Dec/70 x_refsource_MISC x_transferred

Affected products

Libnsgif

==0.1.2

Matching in nixpkgs

pkgs.libnsgif

GIF Decoder for netsurf browser

nixos-unstable 1.0.0
- nixpkgs-unstable 1.0.0
- nixos-unstable-small 1.0.0
nixos-25.11 1.0.0
- nixos-25.11-small 1.0.0
- nixpkgs-25.11-darwin 1.0.0

pkgs.netsurf.libnsgif