exploit the possibilities
Showing 1 - 4 of 4 RSS Feed

CVE-2016-2191

Status Candidate

Overview

The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.

Related Files

Gentoo Linux Security Advisory 201608-01
Posted Aug 11, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201608-1 - Multiple vulnerabilities have been found in OptiPNG, the worst of which could lead to the remote execution of arbitrary code, or cause a Denial of Service condition. Versions less than 0.7.6 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2191, CVE-2016-3981, CVE-2016-3982
MD5 | 5b098be54be389430e087729649eb0fe
Ubuntu Security Notice USN-2951-1
Posted Apr 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2951-1 - Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. Hans Jerry Illikainen discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7801, CVE-2015-7802, CVE-2016-2191, CVE-2016-3981, CVE-2016-3982
MD5 | 5acb590b6bd3b61453425d27ea8e5b6c
Debian Security Advisory 3546-1
Posted Apr 8, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3546-1 - Hans Jerry Illikainen discovered that missing input sanitising in the BMP processing code of the optipng PNG optimiser may result in denial of service or the execution of arbitrary code if a malformed file is processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-2191
MD5 | 9092a28c959b1d9f652cdaa63dcdbaa8
Optipng Invalid Write
Posted Apr 5, 2016
Authored by Hans Jerry Illikainen

An invalid write may occur in optipng before version 0.7.6 while processing bitmap images due to `crt_row' being (inc|dec)remented without any boundary checking when encountering delta escapes.

tags | advisory
advisories | CVE-2016-2191
MD5 | 652a269ac45b0937a4f3a2dcadc3d8ab
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close