Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24741

HistoryApr 10, 2020 - 1:03 a.m.

Denial Of Service (DoS)

2020-04-1001:03:15

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

libpng is vulnerable to denial of service. An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash.

CPENameOperatorVersion
libpngeq1.2.7__1.el4.2
libpngeq1.2.7__3.el4_5.1
libpngeq1.2.44__1.el6
libpngeq1.2.7__3.el4_7.2
libpngeq1.2.7__3.el4_8.3
libpngeq1.2.7__3.el4
libpng10eq1.0.16__3.el4_5.1
libpng10eq1.0.16__3.el4_7.3
libpng10eq1.0.16__3.el4_8.4
libpngeq1.2.7__1.el4.2

Rows per page:

1-10 of 181

References

libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commit%3Bh=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339

libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commit;h=61a2d8a2a7b03023e63eae9a3e64607aaaa6d339

lists.apple.com/archives/Security-announce/2011//Oct/msg00003.html

lists.apple.com/archives/security-announce/2012/May/msg00001.html

lists.fedoraproject.org/pipermail/package-announce/2011-July/063118.html

secunia.com/advisories/45046

secunia.com/advisories/45405

secunia.com/advisories/45415

secunia.com/advisories/45445

secunia.com/advisories/45460

secunia.com/advisories/45461

secunia.com/advisories/45492

secunia.com/advisories/49660

security.gentoo.org/glsa/glsa-201206-15.xml

sourceforge.net/mailarchive/forum.php?thread_name=003101cc2790%24fb5d6e80%24f2184b80%24%40acm.org&forum_name=png-mng-implement

support.apple.com/kb/HT5002

support.apple.com/kb/HT5281

www.debian.org/security/2011/dsa-2287

www.kb.cert.org/vuls/id/819894

www.libpng.org/pub/png/libpng.html

www.mandriva.com/security/advisories?name=MDVSA-2011:151

www.openwall.com/lists/oss-security/2011/07/13/2

www.redhat.com/support/errata/RHSA-2011-1103.html

www.redhat.com/support/errata/RHSA-2011-1104.html

www.redhat.com/support/errata/RHSA-2011-1105.html

www.securityfocus.com/bid/48618

www.ubuntu.com/usn/USN-1175-1

access.redhat.com/errata/RHSA-2011:1105

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=720612

exchange.xforce.ibmcloud.com/vulnerabilities/68536

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

Related for VERACODE:24741

openvas53 nessus33 prion1 centos2 cve1 ubuntucve1 redhat3 cert1 securityvulns5 fedora12 altlinux3 ubuntu1 oraclelinux3 debian1 gentoo1 ibm1