Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:libpng:libpng:1.0.54:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-2042 |
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file. Published: June 12, 2009; 4:30:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2008-3964 |
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. Published: September 10, 2008; 9:13:47 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-5267 |
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266. Published: October 08, 2007; 5:17:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2007-5269 |
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations. Published: October 08, 2007; 5:17:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |