CVE 2007-5268
pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.
Related bugs and status
CVE-2007-5268 (Candidate) is related to these bugs:
Bug #185178: Please sponsor libpng 1.2.24
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
185178 | Please sponsor libpng 1.2.24 | libpng (Ubuntu) | Wishlist | Fix Released |
Bug #217128: CVE-2008-1382: libpng zero-length chunks incorrect handling
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
217128 | CVE-2008-1382: libpng zero-length chunks incorrect handling | libpng (Ubuntu) | Undecided | Fix Released | ||
217128 | CVE-2008-1382: libpng zero-length chunks incorrect handling | libpng (Ubuntu Dapper) | Undecided | Fix Released | ||
217128 | CVE-2008-1382: libpng zero-length chunks incorrect handling | libpng (Ubuntu Feisty) | Undecided | Won't Fix | ||
217128 | CVE-2008-1382: libpng zero-length chunks incorrect handling | libpng (Ubuntu Gutsy) | Undecided | Fix Released | ||
217128 | CVE-2008-1382: libpng zero-length chunks incorrect handling | libpng (Ubuntu Hardy) | Undecided | Fix Released |
Bug #324258: [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu) | Low | Fix Released | ||
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu Dapper) | Low | Fix Released | ||
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu Gutsy) | Low | Fix Released | ||
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu Jaunty) | Low | Fix Released | ||
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu Intrepid) | Low | Fix Released | ||
324258 | [CVE-2008-5907] libpng: png_check_keyword() in pngwutil.c might allow overwriting arbitrary memory location | libpng (Ubuntu Hardy) | Low | Fix Released |
Bug #338027: libpng code injection CVE-2009-0040
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu) | Medium | Fix Released | ||
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu Dapper) | Medium | Fix Released | ||
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu Gutsy) | Medium | Fix Released | ||
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu Hardy) | Medium | Fix Released | ||
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu Intrepid) | Medium | Fix Released | ||
338027 | libpng code injection CVE-2009-0040 | libpng (Ubuntu Jaunty) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.