Page 8 of 42 results (0.004 seconds)

CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". Desbordamiento de búfer en la función png_decompress_chunk en pngrutil.c en libpng anteriores a v1.2.12 permite a los atacantes dependientes de contexto causar una denegación de servicios y posiblemente ejecutar arbitrariamente código a través de vectores no especificado en relación a "error de procesamiento", posiblemente relacionados con "chunk_name" • http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://secunia.com/advisories/20960 http://secunia.com/advisories/22956 http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://secunia.com/advisories/23335 http://secunia.com/advisories/29420 http://secunia.com/advisories/33137 http://security.gentoo.org/glsa/glsa-200607-06.xml http://security.gentoo.org/glsa/glsa-200812-15.x •

CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 5

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. • https://www.exploit-db.com/exploits/393 https://www.exploit-db.com/exploits/389 https://www.exploit-db.com/exploits/25094 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=1097612393 •

CVSS: 5.0EPSS: 10%CPEs: 1EXPL: 1

Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image. Múltiples desbordamientos de enteros en las funciónes (1) png_read o (2) png_handle_sPLT o la capacidad (3) visualización progresiva de imagen en libpng 1.2.5 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una imagen PNG malformada. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://marc.info/? •

CVSS: 5.0EPSS: 14%CPEs: 1EXPL: 2

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference. La función png_handle_iCCP en libpng 1.2.5 y anteriores permite a atacantes remotos causar una denegación de servicio (caída de aplicación) mediante una cierta imagen PNG que dispara una desreferencia nula. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://scary.beasts.org/security/CESA-2004-001.txt http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://sunsolve.sun.com/search/document.do? •

CVSS: 5.0EPSS: 2%CPEs: 26EXPL: 0

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. La librería de Graficos de Red Portables (libpng) 1.0.15 y anteriores permiten a atacantes causar una denegación de servicio (caída) mediante un fichero de imagen PNG que dispara un error que causa un lectura fuera de límites cuando se crea el mensaje de error. • http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=108334922320309&w=2 http://marc.info/?l=bugtraq&m=108335030208523&w=2 http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2 http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2 http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://www.debian.org/security/2004/dsa-498 http://www.mandriva.com/security/advisories? • CWE-125: Out-of-bounds Read •