Page 8 of 41 results (0.010 seconds)

CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 5

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. • https://www.exploit-db.com/exploits/393 https://www.exploit-db.com/exploits/389 https://www.exploit-db.com/exploits/25094 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=1097612393 •

CVSS: 5.0EPSS: 10%CPEs: 1EXPL: 1

Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image. Múltiples desbordamientos de enteros en las funciónes (1) png_read o (2) png_handle_sPLT o la capacidad (3) visualización progresiva de imagen en libpng 1.2.5 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una imagen PNG malformada. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://marc.info/? •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 2

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. La función png_handle_iCCP en libpng 1.2.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una cierta imagen PNG que dispara una desreferencia nula. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://scary.beasts.org/security/CESA-2004-001.txt http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://sunsolve.sun.com/search/document.do? •

CVSS: 5.0EPSS: 2%CPEs: 26EXPL: 0

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. La librería de Graficos de Red Portables (libpng) 1.0.15 y anteriores permiten a atacantes causar una denegación de servicio (caída) mediante un fichero de imagen PNG que dispara un error que causa un lectura fuera de límites cuando se crea el mensaje de error. • http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=108334922320309&w=2 http://marc.info/?l=bugtraq&m=108335030208523&w=2 http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2 http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2 http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://www.debian.org/security/2004/dsa-498 http://www.mandriva.com/security/advisories? • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 12%CPEs: 14EXPL: 0

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers. • http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008 http://www.debian.org/security/2002/dsa-213 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063 http://www.novell.com/linux/security/advisories/2003_004_libpng.html http://www.redhat.com/support/errata/RHSA-2003-006.html http://www.redhat.com/support/errata/RHSA-2003-007.html http://www.redhat.com/support/errata/RHSA-2003-119.html http://www.redhat.com/support/errata/RHSA-2003-157.html http •