CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2015-7802 – Ubuntu Security Notice USN-2951-1
https://notcve.org/view.php?id=CVE-2015-7802
18 Apr 2016 — gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file. gifread.c en gif2png, tal como se utiliza en OptiPNG en versiones anteriores a 0.7.6, permite a atacantes remotos provocar una denegación de servicio (lectura de memoria no inicializada) a través de un archivo GIF manipulado. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially cra... • http://optipng.sourceforge.net/history.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 1CVE-2016-3981 – Gentoo Linux Security Advisory 201608-01
https://notcve.org/view.php?id=CVE-2016-3981
13 Apr 2016 — Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file. Desbordamiento de buffer basado en memoria dinámica en la función bmp_read_rows en pngxrbmp.c en OptiPNG en versiones anteriores a 0.7.6 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de rango o escritura de acceso y caída) ... • http://bugs.fi/media/afl/optipng/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2016-3982 – Gentoo Linux Security Advisory 201608-01
https://notcve.org/view.php?id=CVE-2016-3982
13 Apr 2016 — Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow. Error por un paso en la función bmp_rle4_fread en pngxrbmp.c en OptiPNG en versiones anteriores a 0.7.6 permite a atacantes remotos provocar una denegación de servicio (acceso a lectura o escritura fuera de rango y caída... • http://bugs.fi/media/afl/optipng/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 4EXPL: 3CVE-2012-4432 – Gentoo Linux Security Advisory 201404-03
https://notcve.org/view.php?id=CVE-2012-4432
01 Oct 2012 — Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." Vulnerabilidad de error en la gestión de recursos en opngreduc.c en OptiPNG Hg y v0.7.3 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados, relacionados con "reducción de paleta" A use-after-free error in OptiPNG could result in execution of arbitrary code or Denial... • http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2 • CWE-399: Resource Management Errors •