The png_set_text_2 function in libpng 0.71 prior to 1.0.67, 1.2.x prior to 1.2.57, 1.4.x prior to 1.4.20, 1.5.x prior to 1.5.28, and 1.6.x prior to 1.6.27 allows context-dependent malicious users to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libpng libpng 1.0.5g |
||
libpng libpng 1.0.37 |
||
libpng libpng 0.99e |
||
libpng libpng 0.98 |
||
libpng libpng 1.0.4d |
||
libpng libpng 1.0.41 |
||
libpng libpng 1.0.0b |
||
libpng libpng 1.0.1b |
||
libpng libpng 1.0.46 |
||
libpng libpng 0.99d |
||
libpng libpng 1.0.4c |
||
libpng libpng 1.0.65 |
||
libpng libpng 1.0.5t |
||
libpng libpng 1.0.1 |
||
libpng libpng 1.0.4e |
||
libpng libpng 1.0.1c |
||
libpng libpng 1.0.8 |
||
libpng libpng 0.81 |
||
libpng libpng 1.0.5n |
||
libpng libpng 0.88 |
||
libpng libpng 1.0.6f |
||
libpng libpng 1.0.5k |
||
libpng libpng 1.0.14 |
||
libpng libpng 0.8 |
||
libpng libpng 1.0.5q |
||
libpng libpng 0.99f |
||
libpng libpng 1.0.17 |
||
libpng libpng 1.0.35 |
||
libpng libpng 0.85 |
||
libpng libpng 1.0.4 |
||
libpng libpng 1.0.52 |
||
libpng libpng 0.95 |
||
libpng libpng 1.0.27 |
||
libpng libpng 1.0.22 |
||
libpng libpng 0.89c |
||
libpng libpng 1.0.11 |
||
libpng libpng 1.0.20 |
||
libpng libpng 1.0.55 |
||
libpng libpng 1.0.9 |
||
libpng libpng 1.0.13 |
||
libpng libpng 0.86 |
||
libpng libpng 1.0.44 |
||
libpng libpng 1.0.5c |
||
libpng libpng 1.0.6 |
||
libpng libpng 1.0.5d |
||
libpng libpng 1.0.32 |
||
libpng libpng 0.90 |
||
libpng libpng 1.0.50 |
||
libpng libpng 1.0.0a |
||
libpng libpng 1.0.5a |
||
libpng libpng 1.0.5p |
||
libpng libpng 1.0.34 |
||
libpng libpng 0.99a |
||
libpng libpng 1.0.25 |
||
libpng libpng 1.0.21 |
||
libpng libpng 1.0.5f |
||
libpng libpng 1.0.5i |
||
libpng libpng 1.0.43 |
||
libpng libpng 1.0.38 |
||
libpng libpng 1.0.3 |
||
libpng libpng 1.0.40 |
||
libpng libpng 1.0.51 |
||
libpng libpng 1.0.4f |
||
libpng libpng 1.0.18 |
||
libpng libpng 1.0.6i |
||
libpng libpng 1.0.5v |
||
libpng libpng 1.0.1e |
||
libpng libpng 1.0.4b |
||
libpng libpng 1.0.5l |
||
libpng libpng 1.0.64 |
||
libpng libpng 1.0.54 |
||
libpng libpng 1.0.7 |
||
libpng libpng 1.0.6h |
||
libpng libpng 1.0.5s |
||
libpng libpng 1.0.16 |
||
libpng libpng 1.0.59 |
||
libpng libpng 1.0.2 |
||
libpng libpng 1.0.2a |
||
libpng libpng 1.0.5 |
||
libpng libpng 1.0.3b |
||
libpng libpng 1.0.29 |
||
libpng libpng 1.0.56 |
||
libpng libpng 1.0.39 |
||
libpng libpng 1.0.42 |
||
libpng libpng 1.0.24 |
||
libpng libpng 1.0.61 |
||
libpng libpng 0.99c |
||
libpng libpng 0.99h |
||
libpng libpng 1.0.5r |
||
libpng libpng 1.0.5b |
||
libpng libpng 1.0.12 |
||
libpng libpng 1.0.15 |
||
libpng libpng 1.0.6e |
||
libpng libpng 1.0.19 |
||
libpng libpng 1.0.57 |
||
libpng libpng 1.0.62 |
||
libpng libpng 1.0.5m |
||
libpng libpng 0.99g |
||
libpng libpng 0.87 |
||
libpng libpng 1.0.28 |
||
libpng libpng 1.0.47 |
||
libpng libpng 1.0.6g |
||
libpng libpng 1.0.48 |
||
libpng libpng 1.0.66 |
||
libpng libpng 1.0.3a |
||
libpng libpng 0.97 |
||
libpng libpng 1.0.45 |
||
libpng libpng 1.0.5j |
||
libpng libpng 1.0.26 |
||
libpng libpng 1.0.1a |
||
libpng libpng 1.0.1d |
||
libpng libpng 1.0.60 |
||
libpng libpng 1.0.5h |
||
libpng libpng 1.0.6j |
||
libpng libpng 0.89 |
||
libpng libpng 1.0.33 |
||
libpng libpng 1.0.0 |
||
libpng libpng 1.0.3d |
||
libpng libpng 1.0.4a |
||
libpng libpng 1.0.5o |
||
libpng libpng 1.0.53 |
||
libpng libpng 1.0.23 |
||
libpng libpng 1.0.63 |
||
libpng libpng 0.82 |
||
libpng libpng 1.00 |
||
libpng libpng 1.0.30 |
||
libpng libpng 1.0.5u |
||
libpng libpng 1.0.10 |
||
libpng libpng 1.0.31 |
||
libpng libpng 0.71 |
||
libpng libpng 0.99 |
||
libpng libpng 1.0.58 |
||
libpng libpng 1.0.6d |
||
libpng libpng 0.99b |
||
libpng libpng 0.96 |
||
libpng libpng 1.0.5e |
||
libpng libpng 1.2.14 |
||
libpng libpng 1.2.33 |
||
libpng libpng 1.2.16 |
||
libpng libpng 1.2.35 |
||
libpng libpng 1.2.29 |
||
libpng libpng 1.2.26 |
||
libpng libpng 1.2.54 |
||
libpng libpng 1.2.46 |
||
libpng libpng 1.2.4 |
||
libpng libpng 1.2.22 |
||
libpng libpng 1.2.39 |
||
libpng libpng 1.2.55 |
||
libpng libpng 1.2.50 |
||
libpng libpng 1.2.56 |
||
libpng libpng 1.2.44 |
||
libpng libpng 1.2.0 |
||
libpng libpng 1.2.12 |
||
libpng libpng 1.2.47 |
||
libpng libpng 1.2.27 |
||
libpng libpng 1.2.18 |
||
libpng libpng 1.2.21 |
||
libpng libpng 1.2.20 |
||
libpng libpng 1.2.10 |
||
libpng libpng 1.2.38 |
||
libpng libpng 1.2.41 |
||
libpng libpng 1.2.8 |
||
libpng libpng 1.2.32 |
||
libpng libpng 1.2.3 |
||
libpng libpng 1.2.1 |
||
libpng libpng 1.2.13 |
||
libpng libpng 1.2.53 |
||
libpng libpng 1.2.45 |
||
libpng libpng 1.2.51 |
||
libpng libpng 1.2.6 |
||
libpng libpng 1.2.52 |
||
libpng libpng 1.2.24 |
||
libpng libpng 1.2.25 |
||
libpng libpng 1.2.37 |
||
libpng libpng 1.2.42 |
||
libpng libpng 1.4.9 |
||
libpng libpng 1.4.12 |
||
libpng libpng 1.4.11 |
||
libpng libpng 1.4.15 |
||
libpng libpng 1.4.4 |
||
libpng libpng 1.4.7 |
||
libpng libpng 1.4.1 |
||
libpng libpng 1.4.10 |
||
libpng libpng 1.4.2 |
||
libpng libpng 1.4.18 |
||
libpng libpng 1.4.0 |
||
libpng libpng 1.4.13 |
||
libpng libpng 1.4.6 |
||
libpng libpng 1.4.5 |
||
libpng libpng 1.4.3 |
||
libpng libpng 1.4.16 |
||
libpng libpng 1.4.8 |
||
libpng libpng 1.4.14 |
||
libpng libpng 1.4.17 |
||
libpng libpng 1.4.19 |
||
libpng libpng 1.5.14 |
||
libpng libpng 1.5.26 |
||
libpng libpng 1.5.27 |
||
libpng libpng 1.5.8 |
||
libpng libpng 1.5.10 |
||
libpng libpng 1.5.23 |
||
libpng libpng 1.5.7 |
||
libpng libpng 1.5.1 |
||
libpng libpng 1.5.20 |
||
libpng libpng 1.5.19 |
||
libpng libpng 1.5.9 |
||
libpng libpng 1.5.12 |
||
libpng libpng 1.5.21 |
||
libpng libpng 1.5.5 |
||
libpng libpng 1.5.15 |
||
libpng libpng 1.5.3 |
||
libpng libpng 1.5.17 |
||
libpng libpng 1.5.4 |
||
libpng libpng 1.5.6 |
||
libpng libpng 1.5.11 |
||
libpng libpng 1.5.2 |
||
libpng libpng 1.5.22 |
||
libpng libpng 1.5.18 |
||
libpng libpng 1.5.0 |
||
libpng libpng 1.5.24 |
||
libpng libpng 1.5.16 |
||
libpng libpng 1.5.25 |
||
libpng libpng 1.5.13 |
||
libpng libpng 1.6.25 |
||
libpng libpng 1.6.0 |
||
libpng libpng 1.6.1 |
||
libpng libpng 1.6.3 |
||
libpng libpng 1.6.8 |
||
libpng libpng 1.6.24 |
||
libpng libpng 1.6.12 |
||
libpng libpng 1.6.10 |
||
libpng libpng 1.6.17 |
||
libpng libpng 1.6.22 |
||
libpng libpng 1.6.23 |
||
libpng libpng 1.6.6 |
||
libpng libpng 1.6.15 |
||
libpng libpng 1.6.14 |
||
libpng libpng 1.6.7 |
||
libpng libpng 1.6.9 |
||
libpng libpng 1.6.18 |
||
libpng libpng 1.6.4 |
||
libpng libpng 1.6.11 |
||
libpng libpng 1.6.21 |
||
libpng libpng 1.6.2 |
||
libpng libpng 1.6.13 |
||
libpng libpng 1.6.26 |
||
libpng libpng 1.6.5 |
||
libpng libpng 1.6.19 |
||
libpng libpng 1.6.16 |
||
libpng libpng 1.6.20 |
Where were you in June 1995? Coding image libraries? Let's have a chat
Slackware has raced out of the blocks in 2017, issuing one patch for the libpng image library on New Year's Day, and two Mozilla patches. The libpng bug got its Common Vulnerabilities and Exposures number, CVE-2016-10087, on December 30. Slackware's announcement says the bug can't be exploited without active user input. The “unlikely sequence” of events to exploit the NULL dereference bug is as follows: first, an application load a text chunk into the png structure; second, it deletes all te...