CVE-2007-6697

EPSS 23.4%

sdl-image1.2 - arbitrary code execution

Published: 2/1/2008Modified: 4/28/2026

Description

Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, a similar issue to CVE-2006-4484. NOTE: some of these details are obtained from third party information.

Affected packages (3)

Debian/sdl-image1.2from 0, < 1.2.6-2
Debian/sdl-image1.2from 0, < 1.2.4-1etch1
Debian/sdl-image1.2from 0, < 1.2.4-1etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2007-6697