USN-214-1: libungif vulnerabilities

7 November 2005

libungif4 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 5.04
  • Ubuntu 4.10

Software Description

Details

Chris Evans discovered several buffer overflows in the libungif library. By tricking an user (or automated system) into processing a specially crafted GIF image, this could be exploited to execute arbitrary code with the privileges of the application using libungif.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 5.04
libungif4g
Ubuntu 4.10
libungif4g

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

References