oss-sec mailing list archives
CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Tue, 24 Jul 2012 12:15:47 +0530
Hi All, An out-of heap-based buffer read flaw was found in the way libpng, a library of functions or creating and manipulating PNG (Portable Network Graphics) image format files, performed reading of PNG image file data when decompressing certain images. A remote attacker could provide a specially-crafted PNG file, which once opened in an application linked against libpng would lead to that application crash. References: [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=668082 Can a CVE id be please assigned to this issue. Thanks! -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images Huzaifa Sidhpurwala (Jul 23)
- Re: CVE Request: libpng: Out-of heap-based buffer read by inflating certain PNG images Kurt Seifried (Jul 24)