CVE-2023-39742

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 25, 2023
Updated: Nov 7, 2023
CWE ID 120

Summary

CVE-2023-39742 is a newly disclosed vulnerability affecting giflib v5.2.1. The issue is a segmentation fault in the getarg.c component. An attacker can potentially exploit it by crafting a malicious GIF file that triggers the segmentation fault when processed. This could lead to arbitrary code execution or a denial-of-service condition, posing a significant risk to systems using the affected library. Users are advised to update to the latest version of giflib or take other appropriate measures to mitigate this risk.
