SUSE CVE-2013-7354

Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service crash via a crafted image to the 1 pngsetsPLT or 2 pngsettext2 function, which triggers a heap-based buffer overflow...

libpng 'png_set_text_2()' function remote denial of service vulnerability

libpng is a PNG reference library that can create, read and write PNG graphics files. A remote denial of service vulnerability exists in the 'pngsettext2' function in Libpng versions prior to 1.6.27, which can be exploited by an attacker to execute arbitrary code in the context of an application,...

Updated libpng packages fix two security vulnerabilities

Updated libpng12 packages fix security vulnerabilities: An integer overflow leading to a heap-based buffer overflow was found in the pngsetsPLT and pngsettext2 API functions of libpng. An attacker could create a specially-crafted image file and render it with an application written to explicitly...

SuSE 10 Security Update : libpng (ZYPP Patch Number 8043)

The following security issue has been fixed : - specially crafted png files could have caused a memory corruption in libpng's pngsettext2 function. CVE-2011-3048 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

CVE-2011-3048

CVE-2011-3048 affects libpng via the png_set_text_2() routine in libpng, where crafted PNG text chunks can trigger a memory allocation failure, causing a heap-based buffer overflow that may crash or allow arbitrary code execution. Impact applies to libpng 1.0.x < 1.0.59, 1.2.x < 1.2.49, 1.4...

libpng: memory corruption flaw

The pngsettext2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service crash or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocati...