Описание
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | code not in current version |
| devel | not-affected | code not in current version |
| edgy | not-affected | code not in current version |
| feisty | not-affected | code not in current version |
| gutsy | not-affected | code not in current version |
| upstream | released | 1.0.29 beta1 and 1.2.22 |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
Связанные уязвимости
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.
Off-by-one error in ICC profile chunk handling in the png_set_iCCP fun ...
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.
Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
4.3 Medium
CVSS2