CVSS: 6.5EPSS: 6%CPEs: 1EXPL: 0CVE-2007-5267
https://notcve.org/view.php?id=CVE-2007-5267
08 Oct 2007 — Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266. Error de superación de límite (off-by-one) en el manejo de perfiles ICC en la función png_set_iCCP de pngset.c en libpng anterior a 1.2.22 beta1 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipulada artesanalment... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 44%CPEs: 2EXPL: 0CVE-2007-5269 – libpng DoS via multiple out-of-bounds reads
https://notcve.org/view.php?id=CVE-2007-5269
08 Oct 2007 — Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations. Determinados manejadores de fragmentos en libpng anterior a 1.0.29 y 1.2.x anterior a 1.2.21 permiten a atacantes remotos provocar una denegación de servi... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 0CVE-2007-5268 – Gentoo Linux Security Advisory 201412-11
https://notcve.org/view.php?id=CVE-2007-5268
08 Oct 2007 — pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image. pngrtran.c en libpng anterior a 1.0.29 y 1.2.x anterior a 1.2.21 utiliza (1) operaciones lógicas en vez de operación sobre bits y (2) comparaciones incorrectas, lo cual podría permitir a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipu... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html •
CVSS: 6.5EPSS: 3%CPEs: 2EXPL: 0CVE-2007-5266 – Gentoo Linux Security Advisory 201412-11
https://notcve.org/view.php?id=CVE-2007-5266
08 Oct 2007 — Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated. Error de superación de límite (off-by-one) en el manejo de perfiles ICC en la función png_set_iCCP de pngset.c en libpng anterior a 1.0.29 beta1 y 1.2.x anterior a 1.2.21 beta1 permite a atacantes remotos provocar una denega... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 68%CPEs: 3EXPL: 0CVE-2007-2445 – libpng png_handle_tRNS flaw
https://notcve.org/view.php?id=CVE-2007-2445
16 May 2007 — The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. La función png_handle_tRNS en pngrutil.c en libpng anterior a 1.0.25 y 1.2.x anterior a 1.2.17 permite a atacantes remotos provocar denegación de servicio (caida de aplicación) a través de un imagen PNG en escala de grises con un mal valor del CRC de un trozo del tRNS. Multiple vulnerabil... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html •
CVSS: 7.5EPSS: 4%CPEs: 18EXPL: 0CVE-2006-5793 – libpng DoS
https://notcve.org/view.php?id=CVE-2006-5793
17 Nov 2006 — The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. El trozo de sPLT manejador de código (la función png_set_sPLT en pngset.c) en libpng 1.0.6 hasta la 1.2.12 usa un operador de sizeof sobre un tipo de datos erroneo, lo cual permite a un atacante dependiente del contexto provocar ... • http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 0CVE-2006-3334
https://notcve.org/view.php?id=CVE-2006-3334
30 Jun 2006 — Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". Desbordamiento de búfer en la función png_decompress_chunk en pngrutil.c en libpng anteriores a v1.2.12 permite a los atacantes dependientes de contexto causar una denegación de servicios y posiblemente ejecutar arbitrariam... • http://docs.info.apple.com/article.html?artnum=307562 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2006-0481
https://notcve.org/view.php?id=CVE-2006-0481
31 Jan 2006 — Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image. • ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.8-README.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 90%CPEs: 7EXPL: 5CVE-2004-0597 – LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0597
05 Aug 2004 — Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. • https://www.exploit-db.com/exploits/393 •
CVSS: 6.5EPSS: 16%CPEs: 1EXPL: 2CVE-2004-0598
https://notcve.org/view.php?id=CVE-2004-0598
05 Aug 2004 — The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. La función png_handle_iCCP en libpng 1.2.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una cierta imagen PNG que dispara una desreferencia nula. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 •