This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Libbpg Project First view 2016-07-15
Product Libbpg Last view 2017-01-26
Version 0.9.4 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:libbpg_project:libbpg

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2017-01-26 CVE-2016-8710

An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. A crafted BPG image decoded by libbpg can cause an integer underflow vulnerability causing an out of bounds heap write leading to remote code execution. This vulnerability can be triggered via attempting to decode a crafted BPG image using Libbpg.

8.8 2016-07-15 CVE-2016-5637

The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-787 Out-of-bounds Write
50% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Snort® IPS/IDS

Date Description
2017-01-18 libBPG restore_tqb_pixel out of bounds write attempt
RuleID : 41311 - Type : FILE-IMAGE - Revision : 3
2017-01-18 libBPG restore_tqb_pixel out of bounds write attempt
RuleID : 41310 - Type : FILE-IMAGE - Revision : 4