Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-5907

Опубликовано: 15 янв. 2009
Источник: nvd
CVSS2: 5
EPSS Низкий

Описание

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
Версия до 1.0.42 (исключая)
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
Версия от 1.2.0 (включая) до 1.2.34 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.0058
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2008-5907

ubuntu
больше 16 лет назад

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

redhat логотип

CVE-2008-5907

redhat
больше 16 лет назад

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

debian логотип

CVE-2008-5907

debian
больше 16 лет назад

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, ...

github логотип

GHSA-598m-m5h8-fc92

github
около 3 лет назад

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

fstec логотип

BDU:2015-09372

fstec
больше 16 лет назад

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации

EPSS

Процентиль: 68%
0.0058
Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo