Lucene search
Veracode Vulnerability DatabaseVERACODE:28235HistoryDec 06, 2020 - 3:34 a.m.
Denial Of Service (DoS)
2020-12-0603:34:02
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.018 Low
EPSS
Percentile
88.1%
OptiPNG is vulnerable to denial of service. An attacker may cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
| CPE | Name | Operator | Version |
|---|---|---|---|
| optipng:stretch | eq | 0.7.6-1+deb9u1 | |
| optipng:stretch | eq | 0.7.6-1+deb9u1 |
References
bugs.fi/media/afl/optipng/2/
lists.opensuse.org/opensuse-updates/2016-04/msg00061.html
lists.opensuse.org/opensuse-updates/2016-04/msg00065.html
www.debian.org/security/2016/dsa-3546
www.ubuntu.com/usn/USN-2951-1
security-tracker.debian.org/tracker/CVE-2016-3982
security.gentoo.org/glsa/201608-01
sourceforge.net/p/optipng/bugs/57/
Related
prion
prion
Heap overflow
2016-04-13 16:59:00
debiancve
debiancve
CVE-2016-3982
2016-04-13 16:59:24
ubuntucve
ubuntucve
CVE-2016-3982
2016-04-13 00:00:00
cvelist
cvelist
CVE-2016-3982
2016-04-13 16:00:00
nvd
nvd
CVE-2016-3982
2016-04-13 16:59:24
cve
cve
CVE-2016-3982
2016-04-13 16:59:24
nessus
nessus
openSUSE Security Update : optipng (openSUSE-2016-469)
2016-04-18 00:00:00
openSUSE Security Update : optipng (openSUSE-2016-468)
2016-04-18 00:00:00
GLSA-201608-01 : OptiPNG: Multiple vulnerabilities
2016-08-11 00:00:00
gentoo
gentoo
OptiPNG: Multiple vulnerabilities
2016-08-11 00:00:00
freebsd
freebsd
optipng -- multiple vulnerabilities
2015-10-09 00:00:00
openvas
openvas
Debian Security Advisory DSA 3546-1 (optipng - security update)
2016-04-07 00:00:00
Debian: Security Advisory (DSA-3546-1)
2016-04-06 00:00:00
Ubuntu: Security Advisory (USN-2951-1)
2016-04-19 00:00:00
ubuntu
ubuntu
OptiPNG vulnerabilities
2016-04-18 00:00:00