Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2007-5267
HistoryOct 08, 2007 - 12:00 a.m.

CVE-2007-5267

2007-10-0800:00:00
ubuntu.com
ubuntu.com
14

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.067 Low

EPSS

Percentile

93.7%

JSON

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function
in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause
a denial of service (crash) via a crafted PNG image, due to an incorrect
fix for CVE-2007-5266.

Notes

Author Note
jdstrand this is a fix for 1.2.21 only, which had an improper fix for CVE-2007-5266

Related

prion 2
cve 2
nessus 18
openvas 15
freebsd 1
slackware 2
securityvulns 4
ubuntucve 1
packetstorm 1
coresecurity 1
gentoo 2
prion
prion
Code injection
2007-10-08 21:17:00
Null pointer dereference
2007-10-08 21:17:00
cve
cve
CVE-2007-5267
2007-10-08 21:17:00
CVE-2007-5266
2007-10-08 21:17:00
nessus
nessus
Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : libpng vulnerabilities (USN-538-1)
2007-11-10 00:00:00
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2007-325-01)
2007-11-26 00:00:00
FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5)
2007-10-12 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2007-325-01)
2012-09-10 00:00:00
FreeBSD Ports: png
2008-09-04 00:00:00
Slackware Advisory SSA:2007-325-01 libpng
2012-09-11 00:00:00
freebsd
freebsd
png -- multiple vulnerabilities
2007-10-08 00:00:00
slackware
slackware
[slackware-security] libpng
2007-11-21 08:14:31
[slackware-security] libpng for Slackware 10.1 and 10.2
2007-11-21 21:16:25
securityvulns
securityvulns
libpng multiple security vulnerabilities
2007-10-20 00:00:00
Google Android SDK multiple security vulnerabilities
2008-03-05 00:00:00
CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
2008-03-05 00:00:00
ubuntucve
ubuntucve
CVE-2007-5266
2007-10-08 00:00:00
packetstorm
packetstorm
Core Security Technologies Advisory 2008.0124
2008-03-04 00:00:00
coresecurity
coresecurity
Multiple Vulnerabilities in Google's Android
2008-03-04 00:00:00
gentoo
gentoo
libpng: Multiple Denials of Service
2007-11-07 00:00:00
AMD64 x86 emulation base libraries: Multiple vulnerabilities
2014-12-12 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.067 Low

EPSS

Percentile

93.7%

JSON
Related for UB:CVE-2007-5267
prion2cve2nessus18openvas15freebsd1slackware2securityvulns4ubuntucve1packetstorm1coresecurity1gentoo2