Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng prior to 1.0.29 beta1 and 1.2.x prior to 1.2.21 beta1 allows remote malicious users to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libpng libpng |