VYPR
Unrated severityNVD Advisory· Published Feb 27, 2014· Updated Jun 17, 2026

CVE-2014-0333

CVE-2014-0333

Description

The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

20
  • Libpng/Libpng19 versions
    cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:libpng:libpng:1.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.3:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.4:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.7:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.8:beta:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:libpng:libpng:1.6.9:beta:*:*:*:*:*:*
    • (no CPE)range: >=1.6.0, <=1.6.9

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.