FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

optipng -- multiple vulnerabilities

Affected packages
optipng < 0.7.6

Details

VuXML ID 8fedf75c-ef2f-11e6-900e-003048f78448
Discovery 2015-10-09
Entry 2017-02-16

ifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.

Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
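A decoder-side check for the delta-escape and RLE overflow issues described above, as an added example that is not OptiPNG's code or part of this advisory: a bounds-checked BMP RLE8 decoder in C. The function name `rle8_decode`, its signature, and the file-order row layout are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Bounds-checked BMP RLE8 decoder (illustrative; not OptiPNG code).
 * dst holds width*height bytes, rows in file order. Invariant: x <= width
 * and y <= height, so the subtractions below cannot wrap.
 * Returns 0 on end-of-bitmap, -1 on malformed input. */
int rle8_decode(const uint8_t *src, size_t n,
                uint8_t *dst, size_t width, size_t height)
{
    size_t i = 0, x = 0, y = 0;
    if (width == 0 || height == 0 || width > SIZE_MAX / height)
        return -1;
    while (n - i >= 2) {
        uint8_t count = src[i], value = src[i + 1];
        i += 2;
        if (count > 0) {                      /* run of `count` pixels */
            if (y >= height || count > width - x)
                return -1;
            memset(dst + y * width + x, value, count);
            x += count;
        } else if (value == 0) {              /* escape 0: end of line */
            if (y >= height)
                return -1;
            x = 0;
            y++;
        } else if (value == 1) {              /* escape 1: end of bitmap */
            return 0;
        } else if (value == 2) {              /* escape 2: delta (dx, dy) */
            if (n - i < 2)
                return -1;
            size_t dx = src[i], dy = src[i + 1];
            i += 2;
            /* Check each delta so a series cannot walk past the image. */
            if (dx > width - x || dy > height - y)
                return -1;
            x += dx;
            y += dy;
        } else {                              /* absolute mode: literals */
            size_t len = value, padded = len + (len & 1);
            if (y >= height || len > width - x || n - i < padded)
                return -1;
            memcpy(dst + y * width + x, src + i, len);
            x += len;
            i += padded;
        }
    }
    return -1;                                /* no end-of-bitmap marker */
}
```

The cursor is validated both when a delta moves it and again before every write, so input that reaches `y == height` through deltas is rejected at the next run instead of writing past `dst`.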

References

CVE Name CVE-2015-7802
CVE Name CVE-2016-2191
CVE Name CVE-2016-3981
CVE Name CVE-2016-3982