Lucene search
K

17 matches found

Microsoft CVE
Microsoft CVE
added 2025/09/03 11:15 p.m.5 views

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

...

6.5CVSS7AI score0.02628EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:58 a.m.6 views

SUSE CVE-2010-2249

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...

6.5CVSS6.8AI score0.02628EPSS
Exploits0References6
Veracode
Veracode
added 2019/01/15 9:25 a.m.23 views

Denial Of Service (DoS)

libpng.so is vulnerable to denial of service. In pngrutil.c, a wrong calculation of rowfactor in the pngcheckchunklength function leads to an integer overflow which results in a division-by-zero and denial-of-service condition...

6.5CVSS7.5AI score0.0447EPSS
Exploits0References29Affected Software3
RedHat Linux
RedHat Linux
added 2018/11/26 3:43 p.m.8 views

libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service

In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...

6.5CVSS7.4AI score0.0447EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/10/24 9:39 p.m.5 views

libpng: Integer overflow and resultant divide-by-zero in pngrutil.c:png_check_chunk_length() allows for denial of service

In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...

6.5CVSS7.4AI score0.0447EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/07/09 1:0 p.m.22 views

CVE-2018-13785

In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function pngrutil.c may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service...

7.2AI score0.0447EPSS
Exploits0References20
CVE
CVE
added 2015/01/18 6:0 p.m.97 views

CVE-2015-0973

CVE-2015-0973 is a library-level vulnerability in libpng. A buffer overflow in png_read_IDAT_data (libpng) can be triggered by IDAT data with a large width, allowing potential arbitrary code execution. Affected libpng versions are before 1.5.21 (and 1.6.x before 1.6.16). Android bulletin coverage...

8.8CVSS7.3AI score0.04308EPSS
Exploits2References9Affected Software1
CVE
CVE
added 2012/03/22 4:0 p.m.211 views

CVE-2011-3045

CVE-2011-3045 describes an integer signedness error in libpng’s png_inflate (pngrutil.c) affecting libpng before 1.4.10beta01. The vulnerability, cited as used in Google Chrome before 17.0.963.83 and other products, can cause a denial of service (application crash) or potentially allow arbitrary ...

8.8CVSS9AI score0.03567EPSS
Exploits0References25Affected Software1
Prion
Prion
added 2012/01/17 7:55 p.m.18 views

Denial of service

The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...

2.6CVSS6.9AI score0.03773EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2012/01/17 7:0 p.m.26 views

CVE-2011-3328

The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...

7.1AI score0.03773EPSS
Exploits1References10
CVE
CVE
added 2012/01/17 7:0 p.m.52 views

CVE-2011-3328

The CVE-2011-3328 issue affects libpng 1.5.4 with color-correction enabled, where png_handle_cHRM in pngrutil.c mishandles a cHRM chunk with a zero value, allowing a remote attacker to cause a denial of service (divide-by-zero and crash). Connected records confirm this vulnerability and indicate ...

2.6CVSS6.5AI score0.03773EPSS
Exploits1References10Affected Software1
CVE
CVE
added 2011/07/17 8:0 p.m.97 views

CVE-2011-2692

CVE-2011-2692 affects libpng: the png_handle_sCAL function in libpng versions 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not correctly handle invalid sCAL chunks. This can allow a remote attacker to cause a denial of service (memory corruption and cr...

8.8CVSS9.2AI score0.04227EPSS
Exploits1References28Affected Software1
RedHat Linux
RedHat Linux
added 2010/07/14 5:46 p.m.4 views

libpng: Memory leak when processing Physical Scale (sCAL) images

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...

6.5CVSS7.4AI score0.02628EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2010/06/30 12:0 a.m.5 views

PT-2010-1082 · Libpng +2 · Libpng +2

Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.4.3 libpng versions 1.4.x prior to 1.4.3 libpng versions prior to 1.2.44 Description: The issue is related to multiple vulnerabilities in the libpng package, which can be exploited remotely, leading to a denial of...

9.8CVSS8AI score0.43382EPSS
Exploits7References56
seebug.org
seebug.org
added 2008/10/28 12:0 a.m.28 views

Libpng库png_handle_tEXt()内存泄露漏洞

BUGTRAQ ID: 31920 libpng是多种应用程序所使用的解析PNG图形格式的函数库。 libpng库的pngrutil.c文件中的pnghandletEXt函数在处理特制的PNG图形时存在内存泄露错误。如果用户使用链接到该库的应用打开了特制图形文件的话,就可能触发这个漏洞,耗尽所有可用的内存资源。 0 libpng 1.2.32 libpng ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: a href=http://sourceforge.net/project/showfiles.php?groupid=5624...

6.9AI score
Exploits0
NVD
NVD
added 2007/05/16 10:30 p.m.25 views

CVE-2007-2445

The pnghandletRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service application crash via a grayscale PNG image with a bad tRNS chunk CRC value...

5CVSS6.3AI score0.05115EPSS
Exploits1References51
Tenable Nessus
Tenable Nessus
added 2006/07/20 12:0 a.m.31 views

GLSA-200607-06 : libpng: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200607-06 libpng: Buffer overflow In pngrutil.c, the function pngdecompresschunk allocates insufficient space for an error message, potentially overwriting stack data, leading to a buffer overflow. Impact : By enticing a user to...

7.5CVSS6.3AI score0.03975EPSS
Exploits0References3
Rows per page
Query Builder