The png_err function in pngerror.c in libpng 1.0.x prior to 1.0.55, 1.2.x prior to 1.2.45, 1.4.x prior to 1.4.8, and 1.5.x prior to 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote malicious users to cause a denial of service (application crash) via a crafted PNG image.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libpng libpng |
||
fedoraproject fedora 14 |
||
debian debian linux 5.0 |
||
debian debian linux 6.0 |