15 matches found
Slackware: Security Advisory (SSA:2006-335-03)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libpng on SL5.x, SL4.x, SL3.x i386/x86_64
A flaw was found in the handling of malformed images in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. CVE-2007-2445 A flaw was found in the sPLT chunk handling code in...
Fedora Update for libpng FEDORA-2007-528
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for libpng FEDORA-2007-529
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 10 Security Update : libpng (ZYPP Patch Number 2325)
The sPLT chunk handling in libpng was incorrect and a handcrafted PNG file could be use to cause an out-of-bounds read, effectively crashing the PNG viewer or webbrowser. CVE-2006-5793 Additionally a 2 byte stackoverflow was fixed which we do not believe to be exploitable. It will cause an abort ...
openSUSE 10 Security Update : libpng (libpng-2322)
The sPLT chunk handling in libpng was incorrect and a handcrafted PNG file could be use to cause an out-of-bounds read, effectively crashing the PNG viewer or webbrowser. CVE-2006-5793 Additionaly a 2 byte stackoverflow was fixed which we do not believe to be exploitable. It will cause an abort o...
CentOS 3 / 4 / 5 : libpng (CESA-2007:0356)
Updated libpng packages that fix security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libpng package contains a library of functions for creating and manipulating PNG Portable Netwo...
libpng security update
CentOS Errata and Security Advisory CESA-2007:0356-01 Updated libpng packages that fix security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libpng package contains a library of...
Moderate: Red Hat Security Advisory: libpng security update
Updated libpng packages that fix security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The libpng package contains a library of functions for creating and manipulating PNG Portable Netwo...
Moderate: libpng security update
libpng-1.2.7-3.el4: 1.2.7-3.el4 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.2.7-2.el4 - Add patch to fix CVE-2007-2445 Resolves: 239543 libpng10-1.0.16-3: 1.0.16-3 - Add patch to fix CVE-2006-5793 Resolves: 215405 1.0.16-2 - Add patch to fix CVE-2007-2445 Resolves: 239543...
Mandrake Linux Security Advisory : doxygen (MDKSA-2006:212)
Doxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities : Buffer overflow in the pngdecompresschunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to...
Mandrake Linux Security Advisory : libpng (MDKSA-2006:209)
Buffer overflow in the pngdecompresschunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to 'chunk error processing,' possibly involving the 'chunkname'. CVE-2006-33...
[slackware-security] libpng
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-5793 Here are the details from the Slackware 11.0...
CVE-2006-5793
The sPLT chunk handling code pngsetsPLT function in pngset.c in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service crash via malformed sPLT chunks that trigger an out-of-bounds read...
CVE-2006-5793
Concrete details found: The issue affects libpng 1.0.6–1.2.12, due to a wrong data-type size in the sPLT chunk handling (png_set_sPLT in pngset.c). This can trigger an out-of-bounds read and crash (DoS) when processing malformed sPLT chunks. Remediation referenced in connected docs as patching li...