6 matches found
Gentoo Security Advisory GLSA 200607-06 (libpng)
The remote host is missing updates announced in advisory GLSA 200607-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SuSE 10 Security Update : libpng (ZYPP Patch Number 2325)
The sPLT chunk handling in libpng was incorrect and a handcrafted PNG file could be use to cause an out-of-bounds read, effectively crashing the PNG viewer or webbrowser. CVE-2006-5793 Additionally a 2 byte stackoverflow was fixed which we do not believe to be exploitable. It will cause an abort ...
openSUSE 10 Security Update : libpng (libpng-2322)
The sPLT chunk handling in libpng was incorrect and a handcrafted PNG file could be use to cause an out-of-bounds read, effectively crashing the PNG viewer or webbrowser. CVE-2006-5793 Additionaly a 2 byte stackoverflow was fixed which we do not believe to be exploitable. It will cause an abort o...
Mandrake Linux Security Advisory : doxygen (MDKSA-2006:212)
Doxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities : Buffer overflow in the pngdecompresschunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to...
Mandrake Linux Security Advisory : libpng (MDKSA-2006:209)
Buffer overflow in the pngdecompresschunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to 'chunk error processing,' possibly involving the 'chunkname'. CVE-2006-33...
CVE-2006-3334
CVE-2006-3334 affects libpng versions before 1.2.12, where a buffer overflow in png_decompress_chunk (pngrutil.c) can trigger denial of service and possibly arbitrary code execution via chunk error handling/chunk_name vectors. The connected documents corroborate this, noting the vulnerability ari...