This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Libpng First view 2008-09-10
Product Libpng Last view 2019-07-10
Version 1.2.41 Type Application
Update beta7  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:libpng:libpng

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2019-07-10 CVE-2017-12652

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

7.8 2016-07-10 CVE-2016-3751

Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23265085.

7.5 2015-11-12 CVE-2015-8126

Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.

7.5 2015-01-18 CVE-2015-0973

Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.

10 2015-01-10 CVE-2014-9495

Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.

5 2014-05-06 CVE-2013-7354

Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service (crash) via a crafted image to the (1) png_set_sPLT or (2) png_set_text_2 function, which triggers a heap-based buffer overflow.

5 2014-05-06 CVE-2013-7353

Integer overflow in the png_set_unknown_chunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow.

5 2014-01-12 CVE-2013-6954

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.

6.8 2012-03-22 CVE-2011-3045

Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.

4.3 2011-07-17 CVE-2011-2692

The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory.

5 2011-07-17 CVE-2011-2691

The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.

6.8 2011-07-17 CVE-2011-2690

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image.

4.3 2011-07-17 CVE-2011-2501

The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.

5 2010-06-30 CVE-2010-2249

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

7.5 2010-06-30 CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

7.8 2010-03-03 CVE-2010-0205

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.

4.3 2008-09-10 CVE-2008-3964

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

CWE : Common Weakness Enumeration

%idName
46% (6) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
23% (3) CWE-399 Resource Management Errors
15% (2) CWE-189 Numeric Errors
7% (1) CWE-190 Integer Overflow or Wraparound
7% (1) CWE-20 Improper Input Validation

Open Source Vulnerability Database (OSVDB)

id Description
73984 libpng png_rgb_to_gray Function PNG File Handling Overflow
73983 libpng pngerror.c png_err Function NULL Argument PNG File Handling DoS
73982 libpng pngrutil.c png_handle_sCAL Function PNG File Handling Memory Corruptio...
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
66600 Mozilla Multiple Products PNG File Handling Overflow
65853 libpng pngrutil.c sCAL Chunk Memory Corruption DoS
65852 libpng pngpread.c PNG Image Data Height Overflow
62670 libpng pngrutil.c png_decompress_chunk Function Ancillary Chunks PNG File Dec...
48298 libpng pngread.c png_push_read_zTXt() Function Off-By-One

ExploitDB Exploits

id Description
14422 libpng <= 1.4.2 Denial of Service Vulnerability

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-09-18 Name : Debian Security Advisory DSA 2439-1 (libpng - buffer overflow)
File : nvt/deb_2439_1.nasl
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0466-1 (update)
File : nvt/gb_suse_2012_0466_1.nasl
2012-09-10 Name : Slackware Advisory SSA:2012-206-01 libpng
File : nvt/esoft_slk_ssa_2012_206_01.nasl
2012-08-30 Name : Fedora Update for libpng10 FEDORA-2012-3507
File : nvt/gb_fedora_2012_3507_libpng10_fc17.nasl
2012-08-30 Name : Fedora Update for libpng FEDORA-2012-3605
File : nvt/gb_fedora_2012_3605_libpng_fc17.nasl
2012-08-10 Name : Gentoo Security Advisory GLSA 201206-15 (libpng)
File : nvt/glsa_201206_15.nasl
2012-08-03 Name : Mandriva Update for libpng MDVSA-2012:033 (libpng)
File : nvt/gb_mandriva_MDVSA_2012_033.nasl
2012-07-30 Name : CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64
File : nvt/gb_CESA-2011_1103_libpng10_centos4_x86_64.nasl
2012-07-30 Name : CentOS Update for libpng CESA-2011:1104 centos5 x86_64
File : nvt/gb_CESA-2011_1104_libpng_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for libpng CESA-2012:0407 centos5
File : nvt/gb_CESA-2012_0407_libpng_centos5.nasl
2012-07-30 Name : CentOS Update for libpng CESA-2012:0407 centos6
File : nvt/gb_CESA-2012_0407_libpng_centos6.nasl
2012-07-09 Name : RedHat Update for libpng RHSA-2011:1105-01
File : nvt/gb_RHSA-2011_1105-01_libpng.nasl
2012-05-18 Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-04-30 Name : FreeBSD Ports: chromium
File : nvt/freebsd_chromium10.nasl
2012-04-26 Name : Fedora Update for libpng FEDORA-2012-5515
File : nvt/gb_fedora_2012_5515_libpng_fc15.nasl
2012-04-26 Name : Fedora Update for libpng FEDORA-2012-5518
File : nvt/gb_fedora_2012_5518_libpng_fc16.nasl
2012-04-11 Name : Fedora Update for libpng10 FEDORA-2012-5079
File : nvt/gb_fedora_2012_5079_libpng10_fc15.nasl
2012-04-11 Name : Fedora Update for libpng10 FEDORA-2012-5080
File : nvt/gb_fedora_2012_5080_libpng10_fc16.nasl
2012-04-02 Name : Fedora Update for libpng10 FEDORA-2012-3536
File : nvt/gb_fedora_2012_3536_libpng10_fc15.nasl
2012-04-02 Name : Fedora Update for libpng10 FEDORA-2012-3545
File : nvt/gb_fedora_2012_3545_libpng10_fc16.nasl
2012-04-02 Name : Fedora Update for libpng FEDORA-2012-3705
File : nvt/gb_fedora_2012_3705_libpng_fc15.nasl
2012-03-26 Name : Fedora Update for libpng FEDORA-2012-3739
File : nvt/gb_fedora_2012_3739_libpng_fc16.nasl
2012-03-26 Name : Ubuntu Update for libpng USN-1402-1
File : nvt/gb_ubuntu_USN_1402_1.nasl
2012-03-26 Name : Google Chrome Multiple Vulnerabilities (Linux) - Mar 12
File : nvt/secpod_google_chrome_mult_vuln_lin_mar12.nasl
2012-03-26 Name : Google Chrome Multiple Vulnerabilities (MAC OS X) - Mar 12
File : nvt/secpod_google_chrome_mult_vuln_macosx_mar12.nasl

Snort® IPS/IDS

Date Description
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52307 - Type : FILE-IMAGE - Revision : 1
2019-12-24 Mutiple products libpng extra row heap overflow attempt
RuleID : 52306 - Type : FILE-IMAGE - Revision : 1
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 25066 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 25065 - Type : FILE-IMAGE - Revision : 5
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22109 - Type : FILE-IMAGE - Revision : 10
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22108 - Type : FILE-IMAGE - Revision : 10
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22107 - Type : FILE-IMAGE - Revision : 10
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22106 - Type : FILE-IMAGE - Revision : 11
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22105 - Type : FILE-IMAGE - Revision : 12
2014-01-10 libpng chunk decompression integer overflow attempt
RuleID : 22104 - Type : FILE-IMAGE - Revision : 11
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21990 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21989 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21988 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21987 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21986 - Type : FILE-IMAGE - Revision : 4
2014-01-10 libpng png_inflate buffer overflow attempt
RuleID : 21985 - Type : FILE-IMAGE - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2016-11-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201611-08.nasl - Type: ACT_GATHER_INFO
2016-07-19 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2016-1430.nasl - Type: ACT_GATHER_INFO
2016-06-23 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-754.nasl - Type: ACT_GATHER_INFO
2016-06-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL76930736.nasl - Type: ACT_GATHER_INFO
2016-05-26 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL81903701.nasl - Type: ACT_GATHER_INFO
2016-03-23 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-664.nasl - Type: ACT_GATHER_INFO
2016-03-22 Name: The remote Mac OS X host is affected by multiple vulnerabilities.
File: macosx_10_11_4.nasl - Type: ACT_GATHER_INFO
2016-03-22 Name: The remote host is missing a Mac OS X update that fixes multiple vulnerabilit...
File: macosx_SecUpd2016-002.nasl - Type: ACT_GATHER_INFO
2016-03-17 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0776-1.nasl - Type: ACT_GATHER_INFO
2016-03-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0770-1.nasl - Type: ACT_GATHER_INFO
2016-03-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201603-09.nasl - Type: ACT_GATHER_INFO
2016-03-14 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-330.nasl - Type: ACT_GATHER_INFO
2016-03-10 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2016-316.nasl - Type: ACT_GATHER_INFO
2016-03-09 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2016-0665-1.nasl - Type: ACT_GATHER_INFO
2016-03-07 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-3507.nasl - Type: ACT_GATHER_INFO
2016-03-07 Name: The remote openSUSE host is missing a security update.
File: suse_42_1_4789-160306.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-13668fff74.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-1d87313b7c.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-233750b6ab.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-3461e976cb.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-39499d9af8.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-4ad4998d00.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-501493d853.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-5e52306c9c.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote Fedora host is missing a security update.
File: fedora_2015-8a1243db75.nasl - Type: ACT_GATHER_INFO