17 matches found
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
...
SUSE CVE-2010-2249
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...
Denial Of Service (DoS)
libpng.so is vulnerable to denial of service. In pngrutil.c, a wrong calculation of rowfactor in the pngcheckchunklength function leads to an integer overflow which results in a division-by-zero and denial-of-service condition...
libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service
In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...
libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service
In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...
CVE-2018-13785
In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...
CVE-2015-0973
CVE-2015-0973 is a library-level vulnerability in libpng. A buffer overflow in png_read_IDAT_data (libpng) can be triggered by IDAT data with a large width, allowing potential arbitrary code execution. Affected libpng versions are before 1.5.21 (and 1.6.x before 1.6.16). Android bulletin coverage...
CVE-2011-3045
CVE-2011-3045 describes an integer signedness error in libpng’s png_inflate (pngrutil.c) affecting libpng before 1.4.10beta01. The vulnerability, cited as used in Google Chrome before 17.0.963.83 and other products, can cause a denial of service (application crash) or potentially allow arbitrary ...
Denial of service
The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...
CVE-2011-3328
The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...
CVE-2011-3328
The CVE-2011-3328 issue affects libpng 1.5.4 with color-correction enabled, where png_handle_cHRM in pngrutil.c mishandles a cHRM chunk with a zero value, allowing a remote attacker to cause a denial of service (divide-by-zero and crash). Connected records confirm this vulnerability and indicate ...
CVE-2011-2692
CVE-2011-2692 affects libpng: the png_handle_sCAL function in libpng versions 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not correctly handle invalid sCAL chunks. This can allow a remote attacker to cause a denial of service (memory corruption and cr...
libpng: Memory leak when processing Physical Scale (sCAL) images
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...
PT-2010-1082 · Libpng +2 · Libpng +2
Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.4.3 libpng versions 1.4.x prior to 1.4.3 libpng versions prior to 1.2.44 Description: The issue is related to multiple vulnerabilities in the libpng package, which can be exploited remotely, leading to a denial of...
Libpng库png_handle_tEXt()内存泄露漏洞
BUGTRAQ ID: 31920 libpng是多种应用程序所使用的解析PNG图形格式的函数库。 libpng库的pngrutil.c文件中的pnghandletEXt函数在处理特制的PNG图形时存在内存泄露错误。如果用户使用链接到该库的应用打开了特制图形文件的话,就可能触发这个漏洞,耗尽所有可用的内存资源。 0 libpng 1.2.32 libpng ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: a href=http://sourceforge.net/project/showfiles.php?groupid=5624...
CVE-2007-2445
The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...
GLSA-200607-06 : libpng: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200607-06 libpng: Buffer overflow In pngrutil.c, the function pngdecompresschunk allocates insufficient space for an error message, potentially overwriting stack data, leading to a buffer overflow. Impact : By enticing a user to...