optipng: arbitrary code execution

2016-04-04T00:00:00
ID ASA-201604-5
Type archlinux
Reporter Arch Linux
Modified 2016-04-04T00:00:00

Description

An invalid write may occur in optipng before version 0.7.6 while processing bitmap images due to `crt_row' being (inc|dec)remented without any boundary checking when encountering delta escapes. This issue can possibly be used to execute arbitrary code.