3 matches found
CVE-2011-3464
Off-by-one error in the pngformattedwarning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow...
CVE-2011-3464
Off-by-one error in the pngformattedwarning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service application crash and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow...
CVE-2011-3328
The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...