Lucene search

K
nvd[email protected]NVD:CVE-2002-1363
HistoryDec 26, 2002 - 5:00 a.m.

CVE-2002-1363

2002-12-2605:00:00
web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.103 Low

EPSS

Percentile

95.0%

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

Affected configurations

NVD
Node
greg_roelofslibpngMatch1.0.5
OR
greg_roelofslibpngMatch1.0.6
OR
greg_roelofslibpngMatch1.0.7
OR
greg_roelofslibpngMatch1.0.8
OR
greg_roelofslibpngMatch1.0.9
OR
greg_roelofslibpngMatch1.0.11
OR
greg_roelofslibpngMatch1.0.12
OR
greg_roelofslibpngMatch1.0.13
OR
greg_roelofslibpngMatch1.0.14
OR
greg_roelofslibpngMatch1.2.0
OR
greg_roelofslibpngMatch1.2.1
OR
greg_roelofslibpngMatch1.2.2
OR
greg_roelofslibpngMatch1.2.3
OR
greg_roelofslibpngMatch1.2.4

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.103 Low

EPSS

Percentile

95.0%