libpng invalid sCAL chunk processing vulnerability

Overview libpng reads uninitialized memory when processing invalid sCAL chunks. Description When libpng encounters a sCAL chunk that is empty it will read uninitialized memory. libpng also does not properly handle a sCAL chunk that lacks the terminating zero between the two strings...

AZL-44709 CVE-2010-2249 affecting package libpng12 1.2.57-16

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...

CVE-2010-2249

CVE-2010-2249 affects libpng: memory leak in pngrutil.c when processing certain PNG chunks (notably sCAL). Versions affected are libpng before 1.2.44 and 1.4.x before 1.4.3; exploitation can cause a denial of service via memory consumption and application crash. Remediation per connected sources ...

libpng DoS via multiple out-of-bounds reads

Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service crash via crafted 1 pCAL pnghandlepCAL, 2 sCAL pnghandlesCAL, 3 tEXt pngpushreadtEXt, 4 iTXt pnghandleiTXt, and 5 ztXT pnghandleztXt chunking in PNG images, which trigger...