Lucene search

FreeBSDA8818F7F-9182-11E2-9BDF-D48564727302

HistorySep 16, 2012 - 12:00 a.m.

optipng -- use-after-free vulnerability

2012-09-1600:00:00

vuxml.freebsd.org

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.204 Low

EPSS

Percentile

96.4%

JSON

Secunia reports:

A vulnerability has been reported in OptiPNG, which can be
exploited by malicious people to potentially compromise a user’s
system.
The vulnerability is caused due to a use-after-free error related
to the palette reduction functionality. No further information is
currently available.
Success exploitation may allow execution of arbitrary code.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchoptipng= 0.7UNKNOWN
FreeBSDanynoarchoptipng< 0.7.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	optipng	= 0.7	UNKNOWN
FreeBSD	any	noarch	optipng	< 0.7.4	UNKNOWN

References

secunia.com/advisories/50654

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.204 Low

EPSS

Percentile

96.4%

JSON

Related for A8818F7F-9182-11E2-9BDF-D48564727302