Описание
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.8rel-5ubuntu0.4 |
| devel | not-affected | 1.2.27-1 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.2.15~beta5-2ubuntu0.2 |
| hardy | released | 1.2.15~beta5-3ubuntu0.1 |
| intrepid | not-affected | 1.2.27-1 |
| upstream | released | 1.2.27 |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 thr ...
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
7.5 High
CVSS2