Описание
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.8rel-5ubuntu0.5 |
| devel | not-affected | |
| hardy | released | 1.2.15~beta5-3ubuntu0.2 |
| intrepid | released | 1.2.27-1ubuntu0.2 |
| jaunty | released | 1.2.27-2ubuntu2.1 |
| karmic | not-affected | |
| upstream | released | 1.2.37 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | ignored | uses system libpng |
| hardy | ignored | end of life |
| intrepid | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| hardy | released | 1.9.0.7+nobinonly-0ubuntu0.8.04.1 |
| intrepid | released | 1.9.0.7+nobinonly-0ubuntu0.8.10.1 |
| jaunty | released | 1.9.0.7+nobinonly-0ubuntu1 |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | released | 1.9.1.3+build1+nobinonly-0ubuntu0.9.04.2 |
| karmic | not-affected | |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
libpng before 1.2.37 does not properly parse 1-bit interlaced images w ...
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность защищаемой информации
EPSS
4.3 Medium
CVSS2