Buffer Overflow Vulnerability in APNG Optimizer by SourceForge
CVE-2023-27705

7.5HIGH

Key Information:

Vendor: Apng Optimizer Project
Status: Apng Optimizer
Vendor: CVE Published:; 17 April 2023

🔔 Create Apng Optimizer Project Vulnerability Alert

What is CVE-2023-27705?

The APNG Optimizer v1.4 includes a buffer overflow vulnerability located in the /apngopt/ubuntu.png component, which could allow attackers to exploit the software by sending specially crafted input. This may lead to unexpected behaviors or unauthorized access to system resources, putting user data at risk. It is essential for users of APNG Optimizer to assess their exposure and apply any patches or updates provided by the vendor.

References

https://sourceforge.net/projects/apng/files/APNG_Optimizer/

https://bitbucket.org/tiangeng_zq/cve/src/main/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 17, 2023
Vulnerability Reserved
Mar 5, 2023

JSON