Описание
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | uses system libpng |
| hardy | DNE | |
| lucid | not-affected | uses system libpng |
| maverick | not-affected | uses system libpng |
| natty | not-affected | uses system libpng |
| oneiric | not-affected | uses system libpng |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| oneiric | not-affected | |
| upstream | not-affected |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.2.46-3ubuntu4 |
| hardy | released | 1.2.15~beta5-3ubuntu0.7 |
| lucid | released | 1.2.42-1ubuntu2.5 |
| maverick | released | 1.2.44-1ubuntu0.4 |
| natty | released | 1.2.44-1ubuntu3.4 |
| oneiric | released | 1.2.46-3ubuntu1.3 |
| upstream | released | 1.2.49 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| oneiric | not-affected | |
| upstream | not-affected |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, ...
The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow.
EPSS
6.8 Medium
CVSS2