Libpng : Security Vulnerabilities, CVEs, Published In 2014 (Denial of service)
The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.
Max CVSS
5.0
EPSS Score
0.90%
Published
2014-02-27
Updated
2014-03-26
Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.
Max CVSS
5.0
EPSS Score
0.65%
Published
2014-05-06
Updated
2016-12-31
Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.
Max CVSS
5.0
EPSS Score
0.38%
Published
2014-05-06
Updated
2016-12-31
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
Max CVSS
5.0
EPSS Score
13.29%
Published
2014-01-12
Updated
2018-01-05
4 vulnerabilities found