AZL-41475 CVE-2011-2691 affecting package syslinux for versions less than 6.04-11

The pngerr function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service application crash vi...

AZL-40809 CVE-2010-2249 affecting package syslinux for versions less than libpng-1.2.44

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service memory consumption and application crash via a PNG image containing malformed Physical Scale aka sCAL chunks...

CVE-2003-1422

Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors...

CVE-2003-1422

Technical details for CVE-2003-1422 are not provided in the supplied documents; no concrete affected products, versions, or remediation are disclosed. Monitor for updates.

Mandrake Linux Security Advisory : syslinux (MDKSA-2006:210)

SYSLINUX is a boot loader for the Linux operating system which operates off an MS-DOS/Windows FAT filesystem. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities : Buffer overflow in the pngdecompresschunk function in pngrutil.c in libpn...

[ MDKSA-2006:210 ] - Updated syslinux packages to fix embedded libpng vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:210 http://www.mandriva.com/security/ Package : syslinux Date : November 16, 2006 Affected: 2007.0 Problem Description: SYSLINUX is a boot loader for the Linux operating system which operates off an...

CVE-2003-1422

Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors...