CVE-2023-39742

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 25, 2023

Updated: Nov 7, 2023

CWE ID 120

Summary

CVE-2023-39742 is a newly disclosed vulnerability affecting the giflib v5.2.1 library. This issue stems from a segmentation fault in the getarg.c component. An attacker can potentially exploit this vulnerability by crafting a malicious GIF file that, upon processing, triggers the segmentation fault. This could lead to arbitrary code execution or a denial-of-service condition, posing a significant risk to systems using the affected library. It is recommended that users update to the latest version of giflib or take other appropriate measures to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sP2Bi0
https://www.cve.org/CVERecord?id=CVE-2023-39742
https://nvd.nist.gov/vuln/detail/CVE-2023-39742

Back to Vulnerability Database

CVE-2023-39742

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations