Showing 1 - 7 of 7

CVE-2007-2445

Status Candidate

Overview

The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.

Related Files

Gentoo Linux Security Advisory 201412-11: Posted Dec 12, 2014; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201412-11 - Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Versions prior to 20140406-r1 are affected.; tags | advisory, remote, arbitrary, x86, vulnerability; systems | linux, gentoo; advisories | CVE-2007-0720, CVE-2007-1536, CVE-2007-2026, CVE-2007-2445, CVE-2007-2741, CVE-2007-3108, CVE-2007-4995, CVE-2007-5116, CVE-2007-5135, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269, CVE-2007-5849, CVE-2010-1205, CVE-2013-0338, CVE-2013-0339, CVE-2013-1664, CVE-2013-1969, CVE-2013-2877, CVE-2014-0160; SHA-256 | 0d52bd946d4c830b5f1f480535296f513bafe2d3abc811d6666cbb6fb317a087; Download | Favorite | View

Debian Linux Security Advisory 1750-1: Posted Mar 24, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1750-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2007-2445, CVE-2007-5269, CVE-2008-1382, CVE-2008-5907, CVE-2008-6218, CVE-2009-0040; SHA-256 | 0e924f59ce027e66a6e689dc0b274aa6836b5b191f719fc7a80659d3e59e9152; Download | Favorite | View

Debian Linux Security Advisory 1613-1: Posted Jul 22, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1613-1 - Multiple vulnerabilities have been identified in libgd2, a library for programmatic graphics creation and manipulation. The Common Vulnerabilities and Exposures project identifies the following three issues:; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2007-3476, CVE-2007-3477, CVE-2007-3996, CVE-2007-2445; SHA-256 | 1ec400aa47c3df11688f737aeb1905ab1846b62ee1039d4e1efa0f452cf223c9; Download | Favorite | View

Core Security Technologies Advisory 2008.0124: Posted Mar 4, 2008; Authored by Core Security Technologies | Site coresecurity.com; Core Security Technologies Advisory - Google's Android SDK suffers from heap and integer overflow vulnerabilities. Proof of concept code included.; tags | exploit, overflow, vulnerability, proof of concept; advisories | CVE-2008-0986, CVE-2008-0985, CVE-2006-5793, CVE-2007-2445, CVE-2007-5267, CVE-2007-5266, CVE-2007-5268, CVE-2007-5269; SHA-256 | db70984bcafa3398efb1a27f29b4cb70fd1830830d6b36d9e5f74f71f24c8993; Download | Favorite | View

Ubuntu Security Notice 472-1: Posted Jun 13, 2007; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 472-1 - It was discovered that libpng did not correctly handle corrupted CRC in grayscale PNG images. By tricking a user into opening a specially crafted PNG, a remote attacker could cause the application using libpng to crash, resulting in a denial of service.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2007-2445; SHA-256 | 68c0879bee678937de9cab932f96a653d4b168290a6a0071122c09a02257fce6; Download | Favorite | View

Mandriva Linux Security Advisory 2007.116: Posted Jun 7, 2007; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory - A flaw how libpng handled malformed images was discovered. An attacker able to create a carefully crafted PNG image could cause an application linked with libpng to crash when the file was manipulated.; tags | advisory; systems | linux, mandriva; advisories | CVE-2007-2445; SHA-256 | 017e9fa350056fb86d18ca033b7d565a504ce7aadef5c8c7be4eb2fa8f4139dc; Download | Favorite | View

OpenPKG Security Advisory 2007.13: Posted May 21, 2007; Authored by OpenPKG Foundation | Site openpkg.com; OpenPKG Security Advisory - As confirmed by the vendor, a Denial of Service (DoS) vulnerability exists in the PNG image format library libpng. The bug is a NULL-pointer-dereference vulnerability involving palette images with a malformed "tRNS" PNG chunk, i.e., one with a bad CRC value. This bug can, at a minimum, cause crashes in applications simply by displaying a malformed image.; tags | advisory, denial of service; advisories | CVE-2007-2445; SHA-256 | 63c3acc1ae79ee72024eb0a8d12f1655d8911415ac30f629fe2c5728b871eecc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

CVE-2007-2445

Overview

Related Files

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems