33 matches found
EUVD-2006-5777
Malware in sbrugna...
EUVD-2015-7601
Malware in sbrugna...
SUSE CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
FreeBSD : pngcheck -- Buffer-overrun vulnerability (13ca36b8-6141-11eb-8a36-7085c2fb2c14)
The libpng project reports : pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used. Both bugs are fixed in version 3.0.1, released on 24 January 2021...
pngcheck -- Buffer-overrun vulnerability
The libpng project reports: pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used. Both bugs are fixed in version 3.0.1, released on 24 January 2021...
Fedora 33 : pngcheck (2020-f3a397cbf8)
"Previous fix for buffer overrun printing the contents of the sPLT chunk in certain malformed inputs RHBZ1905775 was incomplete; it should be properly fixed now. ---- Security fix for multiple buffer overflows from crafted file input RHBZ1902786,1902806,1902810: no CVE yet assigned, and for buffe...
Fedora 32 : pngcheck (2020-daffd78c3d)
"Previous fix for buffer overrun printing the contents of the sPLT chunk in certain malformed inputs RHBZ1905775 was incomplete; it should be properly fixed now. ---- Security fix for multiple buffer overflows from crafted file input RHBZ1902786,1902806,1902810: no CVE yet assigned, and for buffe...
Denial Of Service (DoS)
libpng is vulnerable to denial of service DoS. The vulnerability exists as a flaw was found in the sPLT chunk handling code in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was opened...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
pngcrush double release vulnerability
pngcrush is a set of PNG image compression tools. The tool supports batch compression of images in PNG format. A double release vulnerability exists in the png.c file and sPLT chunk structure in versions of pngcrush prior to 1.7.87. No detailed vulnerability details are provided at this time...
UBUNTU-CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
Double free
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
DEBIAN-CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
CVE-2015-7700
CVE-2015-7700 affects pngcrush before v1.7.87, with a double-free in the sPLT chunk structure and in png.c. The issue is described across multiple sources as allowing unspecified impact via unknown vectors. Public details identify the vulnerable component as pngcrush’s parsing/handling of sPLT an...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
CVE-2015-7700
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors...
Amazon Linux AMI : pngcrush (ALAS-2016-646)
A double-free bug was discovered in pngcrush's handling of the sPLT chunk. A malicious PNG could crash the pngcrush process. CVE-2015-7700 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2016-646...