Incorrect Calculation

CVE-2019-16347

High

8.8/10

Summary

ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-682 - Incorrect Calculation

The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

References

Advisory Timeline

Published Sep 16, 2019

Incorrect Calculation

CVE-2019-16347

Summary

CWE-682 - Incorrect Calculation

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS