CVE-2014-0333

Related Files

Mandriva Linux Security Advisory 2015-090

Posted Mar 30, 2015

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-090 - The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service via an IDAT chunk with a length of zero. libpng versions 1.6.9 through 1.6.15 have an integer-overflow vulnerability in png_combine_row() when decoding very wide interlaced images, which can allow an attacker to overwrite an arbitrary amount of memory with arbitrary data.

tags | advisory, remote, denial of service, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2014-0333, CVE-2014-9495

SHA-256 | 721892150da01f6313a1b99a68e76de5d0f151f714d22a4bb6438918cbb8aa9b

Download | Favorite | View

Gentoo Linux Security Advisory 201408-06

Posted Aug 14, 2014

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-6 - Multiple vulnerabilities have been discovered in libpng which can allow a remote attacker to cause a Denial of Service condition. Versions less than 1.6.10 are affected.

tags | advisory, remote, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2013-7353, CVE-2013-7354, CVE-2014-0333

SHA-256 | d30d09fec9bcf10c9b41888af15d3e75411f140253319d7e244b00fb476a98d7

Download | Favorite | View