Описание
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | |
| hardy | DNE | |
| karmic | DNE | |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| hardy | not-affected | |
| karmic | DNE | |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 1.2.8rel-5ubuntu0.6 |
| devel | not-affected | 1.2.44-1ubuntu3 |
| hardy | not-affected | 1.2.15~beta5-3ubuntu0.3 |
| karmic | not-affected | 1.2.37-1ubuntu0.2 |
| lucid | not-affected | 1.2.42-1ubuntu2.1 |
| maverick | not-affected | 1.2.44-1 |
| upstream | released | 1.5.1 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cau ...
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
EPSS
6.8 Medium
CVSS2