Search Results (Refine Search)
- CPE Product Version: cpe:/a:libpng:libpng:1.5.10:beta
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-8540 |
Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. Published: April 14, 2016; 10:59:03 AM -0400 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2014-9495 |
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image. Published: January 10, 2015; 2:59:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2013-7354 |
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow. Published: May 06, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-7353 |
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. Published: May 06, 2014; 10:55:05 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-6954 |
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c. Published: January 12, 2014; 1:34:55 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-3425 |
The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. Published: August 13, 2012; 4:55:09 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2011-3048 |
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. Published: May 29, 2012; 4:55:04 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |