Libpng Security Vulnerabilities and Issues — Libpng CVE List

Lucene search

Greg RoelofsLibpng

4 matches found

CVE•added 2004/11/23 5:0 a.m.•65 views

CVE-2004-0599

Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.

5CVSS6.1AI score0.31363EPSS

CVE•added 2004/11/23 5:0 a.m.•54 views

CVE-2004-0598

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.

5CVSS6.1AI score0.31346EPSS

CVE•added 2002/08/12 4:0 a.m.•52 views

CVE-2002-0728

Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.

5CVSS6.5AI score0.00542EPSS

CVE•added 2006/01/31 6:3 p.m.•44 views

CVE-2006-0481

Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.

5CVSS6.6AI score0.02064EPSS