Описание
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
Отчет
Not vulnerable. This issue did not affect the versions of libpng as shipped with Red Hat Enterprise Linux 4, 5, or 6. This issue did not affect the versions of libpng10 as shipped with Red Hat Enterprise Linux 4.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | libpng | Not affected | ||
| Red Hat Enterprise Linux 4 | libpng10 | Not affected | ||
| Red Hat Enterprise Linux 5 | libpng | Not affected | ||
| Red Hat Enterprise Linux 6 | libpng | Not affected |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS2
Связанные уязвимости
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cau ...
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
7.5 High
CVSS2