Page 2 of 28 results (0.007 seconds)

CVSS: 7.8EPSS: 26%CPEs: 18EXPL: 0

22 Mar 2012 — Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026. El error de signo de entero en pngrutil.c en libpng antes v1.4.10beta01, tal y como se utiliza en Google Chrome antes de v17.0.963.83 y otros productos, permite a atacantes... • http://code.google.com/p/chromium/issues/detail?id=116162 • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

31 Aug 2011 — Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244. Una pérdida de memoria en la función embedded_profile_len en el archivo pngwutil.c en libpng anterior a versión 1.2.39beta5, permite a los atacantes dependiendo del contexto causa... • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 176EXPL: 0

31 Aug 2011 — Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. Una pérdida de memoria en pngwutil.c en libpng v1.2.13beta1, y otras versiones anteriores a la v1.2.15beta3, permite provocar una denegación de servicio (pérdida de memoria o fallo de segmentación) a atacantes dependientes del contexto a tra... • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18 • CWE-399: Resource Management Errors •

CVSS: 6.5EPSS: 2%CPEs: 24EXPL: 0

30 Jun 2010 — Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegación de servicio (consumo de memoria y caída de aplicación) a través de una imagen que contiene un troceado mal formado del Physical ... • http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 9.8EPSS: 83%CPEs: 31EXPL: 4

30 Jun 2010 — Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. Desbordamiento de buffer en el fichero pngpread.c en libpng anteriores a 1.2.44 y 1.4.x anteriroes a 1.4.3, como se utiliza en aplicaciones progresivas, podría permitir a atacantes remotos ejecutar código arbitrario mediante una imagen PNG que desencadena una serie de datos adicionales. ... • https://www.exploit-db.com/exploits/14422 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 249EXPL: 0

12 Jun 2009 — libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file. libpng anteriores a v1.2.37 no parsea adecuadamente 1-bit de imágenes entrelazadas con valores de ancho que no son divisibles por 8, lo que produce que libpng incluya bits sin inicializar en ciertas filas d... • http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.1EPSS: 9%CPEs: 15EXPL: 0

22 Feb 2009 — The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables. La libreria de referencia PNG (tambien conocida como libpng) anterior a v1.0.43, y v1.2.x anteriores a... • ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt • CWE-824: Access of Uninitialized Pointer •

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

15 Jan 2009 — The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability. La funcion png_check_keyword en pngwutil.c en libpng anteriores a v1.0.42, v1.2.x anterior a v1.2.34... • http://libpng.sourceforge.net/index.html •

CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 1

10 Sep 2008 — Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. Múltiples desbordamientos de entero en libpng versiones anteriores a 1.2.32beta01, y 1.4 versiones anteriores a 1.4.0beta34, permiten a atacantes dependientes de contexto provocar ... • http://secunia.com/advisories/31781 • CWE-193: Off-by-one Error •

CVSS: 6.5EPSS: 6%CPEs: 1EXPL: 0

08 Oct 2007 — Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266. Error de superación de límite (off-by-one) en el manejo de perfiles ICC en la función png_set_iCCP de pngset.c en libpng anterior a 1.2.22 beta1 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipulada artesanalment... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html • CWE-189: Numeric Errors •