CVE-2007-5268

Executive Summary

Informations
Name	CVE-2007-5268	First vendor Publication	2007-10-08
Vendor	Cve	Last vendor Modification	2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Cvss Base Score	4.3	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268

CPE : Common Platform Enumeration

Type	Description	Count
Application	Libpng Libpng cpe:/a:libpng:libpng:1.2.20 cpe:/a:libpng:libpng:1.0.28	2

Open Source Vulnerability Database (OSVDB)

id	Description
38273	libpng pngrtran.c Crafted PNG Multiple Method DoS

Internal Sources (Detail)

Source	Url
APPLE	http://lists.apple.com/archives/security-announce/2008//May/msg00001.html http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
BID	http://www.securityfocus.com/bid/25956
BUGTRAQ	http://www.securityfocus.com/archive/1/archive/1/483582/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/489135/100/0/threaded
CERT	http://www.us-cert.gov/cas/techalerts/TA08-150A.html
CONFIRM	http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-rel... http://bugs.gentoo.org/show_bug.cgi?id=195261 http://docs.info.apple.com/article.html?artnum=307562 http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm https://issues.rpath.com/browse/RPL-1814
GENTOO	http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
MANDRIVA	http://www.mandriva.com/security/advisories?name=MDKSA-2007:217
MISC	http://www.coresecurity.com/?action=item&id=2148
MLIST	http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082... http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBD... http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24...
SECUNIA	http://secunia.com/advisories/27093 http://secunia.com/advisories/27284 http://secunia.com/advisories/27405 http://secunia.com/advisories/27529 http://secunia.com/advisories/27629 http://secunia.com/advisories/27746 http://secunia.com/advisories/29420 http://secunia.com/advisories/30161 http://secunia.com/advisories/30430 http://secunia.com/advisories/35302 http://secunia.com/advisories/35386
SLACKWARE	http://slackware.com/security/viewer.php?l=slackware-security&y=2007&...
SUNALERT	http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
UBUNTU	http://www.ubuntu.com/usn/usn-538-1
VUPEN	http://www.vupen.com/english/advisories/2007/3390 http://www.vupen.com/english/advisories/2008/0924/references http://www.vupen.com/english/advisories/2008/1697 http://www.vupen.com/english/advisories/2009/1462 http://www.vupen.com/english/advisories/2009/1560

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-11 10:38:19	Multiple Updates

Type	Count
CPE ID(s)	2
osvdb(s)	1

Related	Severity
TA08-150A	(Critical)
GLSA-200805-07	(Critical)
USN-730-1	(High)
SUN-259989	(High)
USN-538-1	(Medium)
MDKSA-2007:217	(Medium)
GLSA-200711-08	(Medium)

Same Subject	Severity
Login to view 65 more Alert(s)

CVE-2007-5268

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU