Search for packages
| purl | pkg:nuget/libpng@1.4.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-51sn-78qt-aaab
Aliases: CVE-2011-2692 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_handle_sCAL function in pngrutil.c in libpng does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. |
Affected by 5 other vulnerabilities. |
|
VCID-52ek-nmkc-aaaf
Aliases: CVE-2015-8540 |
Out-of-bounds Read Integer underflow in the png_check_keyword function in pngwutil.c in libpng allows remote attackers to have unspecified impact via a space character as a keyword in a PNG image, which triggers an out-of-bounds read. |
Affected by 5 other vulnerabilities. |
|
VCID-53c3-zc8k-aaam
Aliases: CVE-2011-2690 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Buffer overflow in libpng , when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image. |
Affected by 5 other vulnerabilities. |
|
VCID-7ep2-beej-aaaf
Aliases: CVE-2016-10087 |
NULL Pointer Dereference The png_set_text_2 function in libpng allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure. |
Affected by 2 other vulnerabilities. Affected by 2 other vulnerabilities. |
|
VCID-ef5v-w8g5-aaak
Aliases: CVE-2012-3425 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_push_read_zTXt function in pngpread.c in libpng allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image. |
Affected by 5 other vulnerabilities. |
|
VCID-gwcb-88br-aaae
Aliases: CVE-2010-2249 |
Missing Release of Memory after Effective Lifetime Memory leak in pngrutil.c in libpng , allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. |
Affected by 9 other vulnerabilities. |
|
VCID-kerg-g769-aaap
Aliases: CVE-2011-2501 |
Out-of-bounds Read The png_format_buffer function in pngerror.c in libpng allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. |
Affected by 9 other vulnerabilities. |
|
VCID-mfxw-xnvp-aaac
Aliases: CVE-2010-0205 |
Uncontrolled Resource Consumption The png_decompress_chunk function in pngrutil.c in libpng does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. |
Affected by 9 other vulnerabilities. |
|
VCID-t99a-x9bm-aaam
Aliases: CVE-2011-2691 |
NULL Pointer Dereference The png_err function in pngerror.c in libpng makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. |
Affected by 5 other vulnerabilities. |
|
VCID-vq4h-f8a5-aaap
Aliases: CVE-2011-3048 |
Improper Restriction of Operations within the Bounds of a Memory Buffer The png_set_text_2 function in pngset.c in libpng allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. |
Affected by 5 other vulnerabilities. |
|
VCID-wnh2-s874-aaaj
Aliases: CVE-2010-1205 |
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Buffer overflow in pngpread.c in libpng, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. |
Affected by 9 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||