Gentoo Linux Security Advisory 201412-11 - Multiple vulnerabilities have been found in AMD64 x86 emulation base libraries, the worst of which may allow remote execution of arbitrary code. Versions prior to 20140406-r1 are affected.
0d52bd946d4c830b5f1f480535296f513bafe2d3abc811d6666cbb6fb317a087Ubuntu Security Notice USN-730-1 - A large amount of vulnerabilities in libpng have been addressed. These range from denial of service to remote code execution issues.
bf1668416bc0c504288cc177db2f2c946b397313a140888d671c84f861f5103dCore Security Technologies Advisory - Google's Android SDK suffers from heap and integer overflow vulnerabilities. Proof of concept code included.
db70984bcafa3398efb1a27f29b4cb70fd1830830d6b36d9e5f74f71f24c8993Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in libpng including an off-by-one error and out of bounds read errors.
c37104d040ce7628fd58f11b0d8b28b5e2b0b47e751c023aecfe5cc2bd45047aGentoo Linux Security Advisory GLSA 200711-08 - An off-by-one error when handling ICC profile chunks in the png_set_iCCP() function was discovered. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical instead of a bitwise functions and incorrect comparisons. Tavis Ormandy reported out-of-bounds read errors in several PNG chunk handling functions. Versions less than 1.2.21-r3 are affected.
d69eab70f1eed07c06dddfddec2d2a89e5accf81afc417284e481013a4068d2fUbuntu Security Notice 538-1 - It was discovered that libpng did not properly perform bounds checking and comparisons in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng.
2b20b75f005f129b60076a0029902d501282fd1f58699b341d0d3f01535a3f5d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed