Multiple integer overflows in libpng prior to 1.5.14rc03 allow remote malicious users to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
libpng libpng 1.5.0 |
||
libpng libpng 1.5.1 |
||
libpng libpng 1.5.5 |
||
libpng libpng 1.5.9 |
||
libpng libpng |
||
libpng libpng 1.5.12 |
||
libpng libpng 1.5.2 |
||
libpng libpng 1.5.3 |
||
libpng libpng 1.5.7 |
||
libpng libpng 1.5.11 |
||
libpng libpng 1.5.10 |
||
libpng libpng 1.5.6 |
||
libpng libpng 1.5.13 |
||
libpng libpng 1.5.4 |
||
libpng libpng 1.5.8 |
Vulmon