New Search

Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL) (2) sCAL (png_handle_sCAL) (3) tEXt (png_push_read_tEXt) (4) iTXt (png_handle_iTXt) and (5) ztXT (png_handle_ztXt) chunking in PNG images which trigger out-of-bounds read operations.

oval:org.mitre.oval:def:10614

Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL) (2) sCAL (png_handle_sCAL) (3) tEXt (png_push_read_tEXt) (4) iTXt (png_handle_iTXt) and (5) ztXT (png_handle_ztXt) chunking in PNG images which trigger out-of-bounds read operations.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Red Hat Enterprise Linux 3
  • CentOS Linux 3
  • Red Hat Enterprise Linux 4
  • Oracle Linux 4
  • CentOS Linux 5
  • CentOS Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-5269
Product(s):