Lucene search

K
LibpngLibpng1.6.9

5 matches found

CVE
CVE
added 2016/01/21 3:59 p.m.171 views

CVE-2015-8472

Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a smal...

7.5CVSS7.4AI score0.04755EPSS
CVE
CVE
added 2017/01/30 10:59 p.m.104 views

CVE-2016-10087

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and...

7.5CVSS6.5AI score0.01851EPSS
CVE
CVE
added 2015/01/10 7:59 p.m.82 views

CVE-2014-9495

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.

10CVSS7.4AI score0.02533EPSS
CVE
CVE
added 2015/01/18 6:59 p.m.72 views

CVE-2015-0973

Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.

8.8CVSS7.3AI score0.02533EPSS
CVE
CVE
added 2014/02/27 8:55 p.m.62 views

CVE-2014-0333

The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

5CVSS8.8AI score0.01828EPSS