Page 2 of 10 results (0.007 seconds)

CVSS: 5.0EPSS: 10%CPEs: 1EXPL: 1

Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image. Múltiples desbordamientos de enteros en las funciónes (1) png_read o (2) png_handle_sPLT o la capacidad (3) visualización progresiva de imagen en libpng 1.2.5 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una imagen PNG malformada. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://marc.info/? •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 2

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. La función png_handle_iCCP en libpng 1.2.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una cierta imagen PNG que dispara una desreferencia nula. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://scary.beasts.org/security/CESA-2004-001.txt http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://sunsolve.sun.com/search/document.do? •

CVSS: 7.5EPSS: 12%CPEs: 14EXPL: 0

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008 http://www.debian.org/security/2002/dsa-213 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063 http://www.novell.com/linux/security/advisories/2003_004_libpng.html http://www.redhat.com/support/errata/RHSA-2003-006.html http://www.redhat.com/support/errata/RHSA-2003-007.html http://www.redhat.com/support/errata/RHSA-2003-119.html http://www.redhat.com/support/errata/RHSA-2003-157.html http •

CVSS: 7.5EPSS: 3%CPEs: 2EXPL: 0

Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728. • http://rhn.redhat.com/errata/RHSA-2002-151.html http://rhn.redhat.com/errata/RHSA-2002-152.html https://www.debian.org/security/2002/dsa-140 https://access.redhat.com/security/cve/CVE-2002-0660 https://bugzilla.redhat.com/show_bug.cgi?id=1616793 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk. Desbordamiento de búfer en la lectura progresiva con libpng 1.2.4 y 1.0.14 permite que atacantes remotos provoquen una denegación de servicio por medio de un stream de datos PNG que tiene más datos IDAT de los que se indican en el chunk IHDR. • ftp://swrinde.nde.swri.edu/pub/png-group/archives/png-list.200207 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000512 http://rhn.redhat.com/errata/RHSA-2002-152.html http://www.debian.org/security/2002/dsa-140 http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-049.php https://access.redhat.com/security/cve/CVE-2002-0728 https://bugzilla.redhat.com/show_bug.cgi?id=1616803 •