Search for vulnerabilities
Vulnerability details: VCID-6gm2-wd6m-aaaq
Vulnerability ID VCID-6gm2-wd6m-aaaq
Aliases CVE-2007-5269
Summary CVE-2007-5269 libpng DoS via multiple out-of-bounds reads
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-125 Out-of-bounds Read
System Score Found at
rhas Moderate https://access.redhat.com/errata/RHSA-2007:0992
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.10462 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.11919 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.23342 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.30099 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.44744 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.44744 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.44744 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
epss 0.44744 https://api.first.org/data/v1/epss?cve=CVE-2007-5269
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=324771
generic_textual MODERATE http://secunia.com/advisories/27965
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2007-5269
generic_textual MODERATE http://www.novell.com/linux/security/advisories/2007_25_sr.html
Reference id Reference type URL
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
http://bugs.gentoo.org/show_bug.cgi?id=195261
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
http://lists.vmware.com/pipermail/security-announce/2008/000008.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5269.json
https://api.first.org/data/v1/epss?cve=CVE-2007-5269
https://bugzilla.redhat.com/show_bug.cgi?id=327791
https://bugzilla.redhat.com/show_bug.cgi?id=337461
http://secunia.com/advisories/27093
http://secunia.com/advisories/27284
http://secunia.com/advisories/27369
http://secunia.com/advisories/27391
http://secunia.com/advisories/27405
http://secunia.com/advisories/27492
http://secunia.com/advisories/27529
http://secunia.com/advisories/27629
http://secunia.com/advisories/27662
http://secunia.com/advisories/27746
http://secunia.com/advisories/27965
http://secunia.com/advisories/29420
http://secunia.com/advisories/30161
http://secunia.com/advisories/30430
http://secunia.com/advisories/31712
http://secunia.com/advisories/31713
http://secunia.com/advisories/34388
http://secunia.com/advisories/35302
http://secunia.com/advisories/35386
http://security.gentoo.org/glsa/glsa-201209-25.xml
https://issues.rpath.com/browse/RPL-1814
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10614
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00072.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00353.html
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00356.html
http://www.coresecurity.com/?action=item&id=2148
http://www.debian.org/security/2009/dsa-1750
http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:217
http://www.novell.com/linux/security/advisories/2007_25_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0992.html
http://www.securityfocus.com/archive/1/483582/100/0/threaded
http://www.securityfocus.com/archive/1/489135/100/0/threaded
http://www.securityfocus.com/archive/1/489739/100/0/threaded
http://www.securityfocus.com/archive/1/495869/100/0/threaded
http://www.securityfocus.com/bid/25956
http://www.securityfocus.com/bid/28276
http://www.securitytracker.com/id?1018849
http://www.ubuntu.com/usn/usn-538-1
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
http://www.vmware.com/security/advisories/VMSA-2008-0005.html
http://www.vmware.com/security/advisories/VMSA-2008-0014.html
http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
http://www.vmware.com/support/player2/doc/releasenotes_player2.html
http://www.vmware.com/support/player/doc/releasenotes_player.html
http://www.vmware.com/support/server/doc/releasenotes_server.html
http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
http://www.vupen.com/english/advisories/2007/3390
http://www.vupen.com/english/advisories/2008/0905/references
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/1697
http://www.vupen.com/english/advisories/2008/2466
http://www.vupen.com/english/advisories/2009/1462
http://www.vupen.com/english/advisories/2009/1560
324771 https://bugzilla.redhat.com/show_bug.cgi?id=324771
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*
CVE-2007-5269 https://nvd.nist.gov/vuln/detail/CVE-2007-5269
GLSA-200711-08 https://security.gentoo.org/glsa/200711-08
GLSA-201209-25 https://security.gentoo.org/glsa/201209-25
GLSA-201412-11 https://security.gentoo.org/glsa/201412-11
RHSA-2007:0992 https://access.redhat.com/errata/RHSA-2007:0992
USN-538-1 https://usn.ubuntu.com/538-1/
USN-730-1 https://usn.ubuntu.com/730-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2007-5269
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.92818
EPSS Score 0.10462
Published At June 10, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.