Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on Debian GNU/Linux, truncates a GIF pathname specified on the command line, which might allow remote attackers to create PNG files in unintended directories via a crafted command-line argument, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Catb gif2png CGI程序PNG文件创建漏洞
Vulnerability Description
gif2png是一套专门用来把GIF转换成PNG格式图像的命令行工具。 发布于Fedora 12的gif2png-2.5.1-1200.fc12版本,以及Debian GNU/Linux的gif2png_2.5.2-1版本中的gif2png 2.5.1和2.5.2版本中的gif2png.c文件中的某个Fedora补丁截断了命令行中指定的GIF路径名。远程攻击者可以借助特制的命令行参数在预定外的目录中创建PNG文件。
CVSS Information
N/A
Vulnerability Type
N/A