FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

png -- multiple vulnerabilities

Affected packages
png < 1.2.22

Details

VuXML ID 172acf78-780c-11dc-b3f4-0016179b2dd5
Discovery 2007-10-08
Entry 2007-10-11

A Secunia Advisory reports:

Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).

Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency extension, and an incorrect use of sizeof() may be exploited to crash an application using the library.

Various out-of-bounds read errors exist within the functions png_handle_pCAL(), png_handle_sCAL(), png_push_read_tEXt(), png_handle_iTXt(), and png_handle_ztXt(), which may be exploited by exploited to crash an application using the library.

The vulnerability is caused due to an off-by-one error within the ICC profile chunk handling, which potentially can be exploited to crash an application using the library.

References

CVE Name CVE-2007-5266
CVE Name CVE-2007-5267
CVE Name CVE-2007-5268
CVE Name CVE-2007-5269
URL http://secunia.com/advisories/27093/
URL http://secunia.com/advisories/27130/