Описание
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080614k-0ubuntu1 |
| devel | DNE | |
| gutsy | released | 2.0.0.21~tb.21+nobinonly-0ubuntu0.7.10.1 |
| hardy | ignored | end of life |
| intrepid | DNE | |
| jaunty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.0.7+nobinonly-0ubuntu1 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 3.0.7+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 3.0.7+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 3.0.7+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 3.5~rc2+nobinonly-0ubuntu1 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | released | 3.5+nobinonly-0ubuntu0.9.04.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | ignored | end of life |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.8rel-5ubuntu0.4 |
| devel | released | 1.2.27-2ubuntu2 |
| gutsy | released | 1.2.15~beta5-2ubuntu0.2 |
| hardy | released | 1.2.15~beta5-3ubuntu0.1 |
| intrepid | released | 1.2.27-1ubuntu0.1 |
| jaunty | released | 1.2.27-2ubuntu2 |
| upstream | released | 1.2.35-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| gutsy | DNE | |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| gutsy | ignored | end of life |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| gutsy | ignored | end of life |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.0.7+nobinonly-0ubuntu1 |
| gutsy | ignored | end of life, was needed |
| hardy | released | 1.9.0.7+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.7+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 1.9.0.7+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.9.1~rc2+nobinonly-0ubuntu1 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | released | 1.9.1+nobinonly-0ubuntu0.9.04.1 |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before ...
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
Уязвимость операционной системы CentOS, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS
6.8 Medium
CVSS2