Launchpad.net

CVE 2007-5267

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266.

Related bugs and status

CVE-2007-5267 (Candidate) is related to these bugs:

Bug #185178: Please sponsor libpng 1.2.24

Summary				In	Importance	Status
	185178	Please sponsor libpng 1.2.24		libpng (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MLIST: [png-mng-implement] 20...
SECUNIA: 27130
CONFIRM: https://issues.rpath.c...
SECUNIA: 27284
BID: 25957
SECUNIA: 27746
CONFIRM: http://android-develop...
CONFIRM: http://docs.info.apple...
APPLE: APPLE-SA-2008-03-18
SECUNIA: 29420
SUNALERT: 259989
VUPEN: ADV-2009-1462
SECUNIA: 35302
CONFIRM: http://support.avaya.c...
SECUNIA: 35386
VUPEN: ADV-2009-1560
VUPEN: ADV-2007-3391
VUPEN: ADV-2008-0924
SUNALERT: 1020521
MLIST: [png-mng-implement] 20...
MISC: http://www.coresecurit...
SLACKWARE: SSA:2007-325-01
BUGTRAQ: 20071112 FLEA-2007-006...
BUGTRAQ: 20080304 CORE-2008-012...