CVE-2016-5735

Опубликовано: 23 мая 2017

Источник: debian

Описание

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
pngquant	fixed	2.5.0-2		package

Примечания

https://github.com/pornel/pngquant/commit/b7c217680cda02dddced245d237ebe8c383be285

Связанные уязвимости

CVE-2016-5735

CVSS3: 7.8

ubuntu

почти 9 лет назад

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow.

CVE-2016-5735

CVSS3: 7.8

nvd

почти 9 лет назад

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow.

GHSA-2326-85qm-8gr9

CVSS3: 7.8

github

почти 4 года назад

Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow.