Lucene search

PRIOn knowledge basePRION:CVE-2012-4432

HistoryOct 01, 2012 - 3:26 a.m.

Design/Logic Flaw

2012-10-0103:26:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

0.204 Low

EPSS

Percentile

96.4%

JSON

Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to “palette reduction.”

CPENameOperatorVersion
optipngeq0.7.1
optipngeq0.7.0
optipngeq0.7.2

Name	Operator	Version
optipng	eq	0.7.1
optipng	eq	0.7.0
optipng	eq	0.7.2

References

optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2

optipng.sourceforge.net/

secunia.com/advisories/50654

sourceforge.net/news/?group_id=151404

www.openwall.com/lists/oss-security/2012/09/17/5

www.openwall.com/lists/oss-security/2012/09/18/2

www.securityfocus.com/bid/55566

exchange.xforce.ibmcloud.com/vulnerabilities/78743