First published: Fri Aug 03 2018(Updated: )
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Flif Flif | =0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-14876 is medium with a CVSS score of 5.5.
The affected software for CVE-2018-14876 is Flif Flif version 0.3.
Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width in CVE-2018-14876.
A fix for CVE-2018-14876 may be available in a future update or patch. It is recommended to follow the recommendations of the software vendor.
You can find more information about CVE-2018-14876 on the following link: https://github.com/FLIF-hub/FLIF/issues/520