Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-3964

Опубликовано: 11 сент. 2008
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
Версия до 1.2.32 (исключая)
cpe:2.3:a:libpng:libpng:1.4.0:beta1:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta10:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta11:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta12:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta13:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta14:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta15:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta16:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta17:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta18:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta19:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta2:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta20:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta21:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta22:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta23:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta24:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta25:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta26:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta27:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta28:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta29:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta3:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta30:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta31:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta32:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta33:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta4:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta5:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta6:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta7:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta8:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.4.0:beta9:*:*:*:*:*:*

EPSS

Процентиль: 78%
0.01145
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-193

Связанные уязвимости

ubuntu логотип

CVE-2008-3964

ubuntu
около 17 лет назад

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

redhat логотип

CVE-2008-3964

redhat
около 17 лет назад

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

debian логотип

CVE-2008-3964

debian
около 17 лет назад

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 befo ...

github логотип

GHSA-fj2p-r342-gx3m

github
больше 3 лет назад

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

EPSS

Процентиль: 78%
0.01145
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-193