Lucene search
PRIOn knowledge basePRION:CVE-2016-2191HistoryApr 13, 2016 - 4:59 p.m.
Session fixation
2016-04-1316:59:00
PRIOn knowledge base
www.prio-n.com
4
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ubuntu_linux | eq | 12.04 | |
| ubuntu_linux | eq | 14.04 | |
| ubuntu_linux | eq | 15.04 | |
| debian_linux | eq | 8.0 | |
| debian_linux | eq | 7.0 | |
| leap | eq | 42.1 | |
| opensuse | eq | 13.2 | |
| optipng | eq | 0.7.2 |
References
lists.opensuse.org/opensuse-updates/2016-04/msg00061.html
lists.opensuse.org/opensuse-updates/2016-04/msg00065.html
packetstormsecurity.com/files/136553/Optipng-Invalid-Write.html
seclists.org/fulldisclosure/2016/Apr/15
www.debian.org/security/2016/dsa-3546
www.openwall.com/lists/oss-security/2016/04/04/2
www.securityfocus.com/archive/1/537972/100/0/threaded
www.ubuntu.com/usn/USN-2951-1
security.gentoo.org/glsa/201608-01
sourceforge.net/p/optipng/bugs/59/
Related
openvas
openvas
Fedora Update for optipng FEDORA-2016-b8f91621c7
2016-06-27 00:00:00
Fedora Update for optipng FEDORA-2016-2e339a7779
2016-06-19 00:00:00
Mageia: Security Advisory (MGASA-2016-0135)
2016-05-09 00:00:00
debiancve
debiancve
CVE-2016-2191
2016-04-13 16:59:11
nvd
nvd
CVE-2016-2191
2016-04-13 16:59:11
nessus
nessus
Fedora 24 : optipng (2016-2e339a7779)
2016-07-14 00:00:00
Fedora 23 : optipng (2016-b8f91621c7)
2016-07-15 00:00:00
Amazon Linux 2 : optipng (ALAS-2019-1313)
2019-10-11 00:00:00
ubuntucve
ubuntucve
CVE-2016-2191
2016-04-13 00:00:00
archlinux
archlinux
optipng: arbitrary code execution
2016-04-04 00:00:00
cve
cve
CVE-2016-2191
2016-04-13 16:59:11
amazon
amazon
Medium: optipng
2019-10-08 22:03:00
fedora
fedora
[SECURITY] Fedora 24 Update: optipng-0.7.6-1.fc24
2016-06-18 20:03:40
[SECURITY] Fedora 23 Update: optipng-0.7.6-1.fc23
2016-06-25 23:30:40
veracode
veracode
Denial Of Service (DoS)
2020-12-06 03:15:20
cvelist
cvelist
CVE-2016-2191
2016-04-13 16:00:00
mageia
mageia
Updated optipng packages fix security vulnerabilities
2016-04-13 20:39:04
debian
debian
[SECURITY] [DSA 3546-1] optipng security update
2016-04-07 21:17:34
gentoo
gentoo
OptiPNG: Multiple vulnerabilities
2016-08-11 00:00:00
freebsd
freebsd
optipng -- multiple vulnerabilities
2015-10-09 00:00:00
ubuntu
ubuntu
OptiPNG vulnerabilities
2016-04-18 00:00:00