
CVE-2015-7801 – Ubuntu Security Notice USN-2951-1
https://notcve.org/view.php?id=CVE-2015-7801
18 Apr 2016 — Use-after-free vulnerability in OptiPNG 0.6.4 allows remote attackers to execute arbitrary code via a crafted PNG file. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. Gustavo Grieco discover... • http://www.openwall.com/lists/oss-security/2015/09/16/1 •

CVE-2015-7802 – Ubuntu Security Notice USN-2951-1
https://notcve.org/view.php?id=CVE-2015-7802
18 Apr 2016 — gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially cra... • http://optipng.sourceforge.net/history.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2016-3981 – Gentoo Linux Security Advisory 201608-01
https://notcve.org/view.php?id=CVE-2016-3981
13 Apr 2016 — Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file. ... • http://bugs.fi/media/afl/optipng/1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2016-3982 – Gentoo Linux Security Advisory 201608-01
https://notcve.org/view.php?id=CVE-2016-3982
13 Apr 2016 — Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow. ... • http://bugs.fi/media/afl/optipng/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2016-2191 – Gentoo Linux Security Advisory 201608-01
https://notcve.org/view.php?id=CVE-2016-2191
05 Apr 2016 — The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image. Gustavo Grieco discovered that Opt... • http://lists.opensuse.org/opensuse-updates/2016-04/msg00061.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2012-4432 – Gentoo Linux Security Advisory 201404-03
https://notcve.org/view.php?id=CVE-2012-4432
01 Oct 2012 — Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction." A use-after-free error in OptiPNG could result in execution of arbitrary code or Denial... • http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2 • CWE-399: Resource Management Errors •

CVE-2009-0749
https://notcve.org/view.php?id=CVE-2009-0749
02 Mar 2009 — Use-after-free vulnerability in the GIFReadNextExtension function in lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a crafted GIF image that causes the realloc function to return a new pointer, which triggers memory corruption when the old pointer is accessed. ... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html • CWE-416: Use After Free •

CVE-2008-5101
https://notcve.org/view.php?id=CVE-2008-5101
17 Nov 2008 — Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow." • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505399 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •