optipng is vulnerable to arbitrary code execution (CVE-2016-3981). A heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c, the BMP reader, allows remote attackers to execute arbitrary code on the host OS via a crafted BMP input processed by the affected version.
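The advisory names the bug class (a heap-based overflow while decoding BMP rows) but not the exact defect, so the following is an added, constructed illustration of that class and its fix, not code from OptiPNG's pngxrbmp.c: a row decoder that writes run-length pixels into a heap buffer sized from the header's declared width. The tiny run-length op format, the function names (decode_row_unchecked, decode_row_checked, decode_bmp_row), the width cap and the sample op streams are all assumptions made for the example.

```c
/* Constructed example of a BMP-style row decoder with and without bounds
 * checks on the heap row buffer. Not OptiPNG code; the op format is made up:
 * pairs of (run_length, pixel_value) at 8 bpp, terminated by run_length 0.
 * Real BMP RLE8 is richer, but the bounds question is the same. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* VULNERABLE pattern: each run length is trusted, so x can pass width and
 * memset writes past the end of the heap-allocated row. Shown for contrast
 * only; never call it on untrusted input. */
static int decode_row_unchecked(uint8_t *row, size_t width,
                                const uint8_t *ops, size_t nops)
{
    size_t x = 0;
    (void)width;                      /* the width is never consulted */
    for (size_t i = 0; i + 1 < nops; i += 2) {
        uint8_t len = ops[i], val = ops[i + 1];
        if (len == 0)
            break;
        memset(row + x, val, len);    /* heap overflow when x + len > width */
        x += len;
    }
    return (int)x;
}

/* HARDENED pattern: reject any run that would leave the row.
 * Returns pixels written, or -1 on malformed input. */
static int decode_row_checked(uint8_t *row, size_t width,
                              const uint8_t *ops, size_t nops)
{
    size_t x = 0;
    for (size_t i = 0; i + 1 < nops; i += 2) {
        uint8_t len = ops[i], val = ops[i + 1];
        if (len == 0)
            break;
        if (len > width - x)          /* x <= width always holds here */
            return -1;                /* run would exceed the row */
        memset(row + x, val, len);
        x += len;
    }
    return (int)x;
}

/* Allocate a row from the declared width and decode it with the checked
 * decoder. Returns 0 and sets *out on success, -1 on malformed input.
 * The 1 MiB width cap is an assumed sanity limit, not a BMP rule. */
int decode_bmp_row(size_t width, const uint8_t *ops, size_t nops,
                   uint8_t **out)
{
    if (width == 0 || width > (1u << 20))
        return -1;
    uint8_t *row = calloc(width, 1);
    if (row == NULL)
        return -1;
    if (decode_row_checked(row, width, ops, nops) < 0) {
        free(row);
        return -1;
    }
    *out = row;
    return 0;
}

/* Constructed inputs: 5 pixels that fit an 8-pixel row, and a second
 * stream whose 200-pixel run would write far past the 8-byte buffer. */
static const uint8_t good_ops[] = { 3, 0xAA, 2, 0xBB, 0, 0 };
static const uint8_t bad_ops[]  = { 3, 0xAA, 200, 0xBB, 0, 0 };

int main(void)
{
    uint8_t *row = NULL;
    int ok  = decode_bmp_row(8, good_ops, sizeof good_ops, &row);  /* 0 */
    int bad = decode_bmp_row(8, bad_ops, sizeof bad_ops, &row);    /* -1 */
    free(row);
    return (ok == 0 && bad == -1) ? 0 : 1;
}
```

The point of the checked variant is that the row buffer's size comes from one field of the file (the width) while the amount written comes from another (the run lengths), and a decoder has to tie the two together on every write; the fix for any bug in this class is that comparison, not a larger buffer.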
| CPE | Name | Operator | Version |
|---|---|---|---|
| | optipng:stretch | eq | 0.7.6-1+deb9u1 |
bugs.fi/media/afl/optipng/1/
lists.opensuse.org/opensuse-updates/2016-04/msg00061.html
lists.opensuse.org/opensuse-updates/2016-04/msg00065.html
www.debian.org/security/2016/dsa-3546
www.ubuntu.com/usn/USN-2951-1
security-tracker.debian.org/tracker/CVE-2016-3981
security.gentoo.org/glsa/201608-01
sourceforge.net/p/optipng/bugs/56/