VYPR

Libpng

by Pnggroup

Source repositories

CVEs (28)

  • CVE-2006-3334Jun 30, 2006
    risk 0.00cvss epss 0.04

    Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the…

  • CVE-2006-0481Jan 31, 2006
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.

  • CVE-2004-0598Nov 23, 2004
    risk 0.00cvss epss 0.06

    The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.

  • CVE-2004-0599Nov 23, 2004
    risk 0.00cvss epss 0.06

    Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed…

  • CVE-2004-0768Oct 20, 2004
    risk 0.00cvss epss 0.03

    libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

  • CVE-2002-1363Dec 26, 2002
    risk 0.00cvss epss 0.06

    Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

  • CVE-2002-0660Aug 12, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728.

  • CVE-2002-0728Aug 12, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.

Page 2 of 2