Описание
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 14.0.835.202~r103287-0ubuntu1 |
| hardy | DNE | |
| lucid | released | 14.0.835.202~r103287-0ubuntu0.10.04.2 |
| maverick | released | 14.0.835.202~r103287-0ubuntu0.10.10.1 |
| natty | released | 14.0.835.202~r103287-0ubuntu0.11.04.1 |
| oneiric | released | 14.0.835.202~r103287-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 8.0~b4+build1-0ubuntu2 |
| hardy | ignored | end of life |
| lucid | not-affected | 3.6.23+build1+nobinonly-0ubuntu0.10.04.1 |
| maverick | not-affected | 3.6.23+build1+nobinonly-0ubuntu0.10.10.1 |
| natty | not-affected | 7.0.1+build1+nobinonly-0ubuntu0.11.04.1 |
| oneiric | not-affected | 7.0.1+build1+nobinonly-0ubuntu2 |
| upstream | not-affected | 7.0.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.46-3ubuntu1 |
| hardy | released | 1.2.15~beta5-3ubuntu0.4 |
| lucid | released | 1.2.42-1ubuntu2.2 |
| maverick | released | 1.2.44-1ubuntu0.1 |
| natty | released | 1.2.44-1ubuntu3.1 |
| oneiric | not-affected | 1.2.46-3ubuntu1 |
| upstream | released | 1.2.45 |
Показывать по
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1. ...
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.
EPSS
6.8 Medium
CVSS2
8.8 High
CVSS3