PRIOn knowledge basePRION:CVE-2017-1000229

HistoryNov 17, 2017 - 5:29 a.m.

Integer overflow

2017-11-1705:29:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.0%

Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq9.0
optipngeq0.7.6

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	9.0
optipng	eq	0.7.6

References

lists.debian.org/debian-lts-announce/2017/11/msg00030.html

security.gentoo.org/glsa/201801-02

sourceforge.net/p/optipng/bugs/65/

www.debian.org/security/2017/dsa-4058