Greg Roelofs » Libpng » 1.2.9 : Security Vulnerabilities, CVEs,

cpe:2.3:a:greg_roelofs:libpng:1.2.9:*:*:*:*:*:*:*

CVE-2006-5793

The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.
Max CVSS
2.6
EPSS Score
3.11%
Published
2006-11-17
Updated
2018-10-17

CVE-2006-3334

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name".
Max CVSS
7.5
EPSS Score
2.04%
Published
2006-06-30
Updated
2018-10-18
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close