Candidate: CVE-2010-4695
PublicDate: 2011-01-14 18:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4695
Description:
 A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as
 distributed in gif2png-2.5.1-1200.fc12 on Fedora 12 and gif2png_2.5.2-1 on
 Debian GNU/Linux, truncates a GIF pathname specified on the command line,
 which might allow remote attackers to create PNG files in unintended
 directories via a crafted command-line argument, as demonstrated by a CGI
 program that launches gif2png, a different vulnerability than
 CVE-2009-5018.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_gif2png:
upstream_gif2png: released (2.5.4-2)
dapper_gif2png: ignored (reached end-of-life)
hardy_gif2png: ignored (reached end-of-life)
karmic_gif2png: ignored (reached end-of-life)
lucid_gif2png: ignored (reached end-of-life)
maverick_gif2png: ignored (reached end-of-life)
natty_gif2png: ignored (reached end-of-life)
oneiric_gif2png: ignored (reached end-of-life)
precise_gif2png: ignored (reached end-of-life)
precise/esm_gif2png: DNE (precise was needed)
quantal_gif2png: ignored (reached end-of-life)
raring_gif2png: ignored (reached end-of-life)
saucy_gif2png: ignored (reached end-of-life)
trusty_gif2png: not-affected (2.5.8-1)
trusty/esm_gif2png: DNE (trusty was not-affected [2.5.8-1])
utopic_gif2png: ignored (reached end-of-life)
vivid_gif2png: ignored (reached end-of-life)
vivid/stable-phone-overlay_gif2png: DNE
vivid/ubuntu-core_gif2png: DNE
wily_gif2png: ignored (reached end-of-life)
xenial_gif2png: not-affected (2.5.8-1)
yakkety_gif2png: ignored (reached end-of-life)
zesty_gif2png: ignored (reached end-of-life)
artful_gif2png: ignored (reached end-of-life)
bionic_gif2png: not-affected (2.5.8-1)
devel_gif2png: not-affected (2.5.8-1)