// For flags

CVE-2006-3334

 

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name".

Desbordamiento de búfer en la función png_decompress_chunk en pngrutil.c en libpng anteriores a v1.2.12 permite a los atacantes dependientes de contexto causar una denegación de servicios y posiblemente ejecutar arbitrariamente código a través de vectores no especificado en relación a "error de procesamiento", posiblemente relacionados con "chunk_name"

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-06-30 CVE Reserved
  • 2006-06-30 CVE Published
  • 2023-05-04 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (25)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=307562 X_refsource_confirm
http://secunia.com/advisories/20960 Third Party Advisory
http://secunia.com/advisories/22956 Third Party Advisory
http://secunia.com/advisories/22957 Third Party Advisory
http://secunia.com/advisories/22958 Third Party Advisory
http://secunia.com/advisories/23335 Third Party Advisory
http://secunia.com/advisories/29420 Third Party Advisory
http://secunia.com/advisories/33137 Third Party Advisory
http://sourceforge.net/project/shownotes.php?group_id=5624&release_id=428123 X_refsource_confirm
http://www.securityfocus.com/archive/1/440594/100/0/threaded Mailing List
http://www.securityfocus.com/bid/18698 Vdb Entry
http://www.vupen.com/english/advisories/2006/2585 Vdb Entry
http://www.vupen.com/english/advisories/2008/0924/references Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/27468 Vdb Entry
https://issues.rpath.com/browse/RPL-517 X_refsource_confirm
URL Date SRC
URL Date SRC
URL Date SRC
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html 2018-10-18
http://security.gentoo.org/glsa/glsa-200607-06.xml 2018-10-18
http://security.gentoo.org/glsa/glsa-200812-15.xml 2018-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2006:209 2018-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2006:210 2018-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2006:211 2018-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 2018-10-18
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 2018-10-18
http://www.novell.com/linux/security/advisories/2006_16_sr.html 2018-10-18
http://www.novell.com/linux/security/advisories/2006_28_sr.html 2018-10-18
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 <= 1.2.11
Search vendor "Greg Roelofs" for product "Libpng" and version " <= 1.2.11"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.0
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.0"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.1
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.1"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.2
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.2"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.3
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.3"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.4
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.4"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.5
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.5"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.6
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.6"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.7
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.7"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.7rc1
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.7rc1"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.8
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.8"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.9
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.9"
-
Affected
Greg Roelofs
Search vendor "Greg Roelofs"
 Libpng
Search vendor "Greg Roelofs" for product "Libpng"
 1.2.10
Search vendor "Greg Roelofs" for product "Libpng" and version "1.2.10"
-
Affected