Searching png software vulnerabilities

Buffer overflow in Links 2.0 pre4 allows remote

attackers | arbitrary | browsers | possibly | overflow | execute | Buffer | images | 16-bit | tables | remote | client | allows | gamma | large | crash | Links | code | pre4 | via | PNG |

Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.


Heap-based buffer overflow in GTKSee 0.5 and 0.

Heap-based | overflow | GTKSee | buffer |

Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.


The Portable Network Graphics library (libpng)

Graphics | Portable | library | Network |

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.


Multiple buffer overflows in libpng 1.2.5 and e

overflows | Multiple | libpng | buffer |

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.


The png_handle_iCCP function in libpng 1.2.5 an

png_handle_iCCP | function | libpng |

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.


Windows Media Player 9 allows remote attackers

containing | attackers | arbitrary | execute | Windows | Player | remote | allows | large | Media | file | code | via | PNG |

Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."


aStats 1.6.5 allows local users to overwrite ar

aStats |

aStats 1.6.5 allows local users to overwrite arbitrary files via a symlink attack on (1) the aStats-Graphic-Signature-Generation file and (2) certain PNG image files.


Buffer overflow in Trillian 3.0 and Pro 3.0 all

arbitrary | attackers | Trillian | overflow | crafted | execute | Buffer | allows | remote | image | file | code | PNG | Pro | via |

Buffer overflow in Trillian 3.0 and Pro 3.0 allows remote attackers to execute arbitrary code via a crafted PNG image file.


Buffer overflow in the PNG image rendering comp

component | rendering | Microsoft | arbitrary | attackers | Explorer | Internet | overflow | execute | crafted | Buffer | allows | remote | image | file | code | PNG | via |

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.


Stack-based buffer overflow in Microsoft Window

Stack-based | attackers | arbitrary | Microsoft | overflow | execute | Windows | buffer | remote | Player | allows | image | chunk | Media | large | code | size | via | PNG |

Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.


Microsoft Windows 2000, XP, and Server 2003 all

Microsoft | Windows |

Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block.


Buffer overflow in Resco Photo Viewer for Pocke

PocketPC | overflow | Viewer | Buffer | Resco | Photo |

Buffer overflow in Resco Photo Viewer for PocketPC 4.11 and 6.01, as used in mobile devices running Windows Mobile 5.0, 2003, and 2003SE, allows remote attackers to execute arbitrary code via a crafted PNG image.


Buffer overflow in Adobe Photoshop CS2 and CS3,

user-assisted | Illustrator | attackers | Photoshop | arbitrary | Elements | overflow | crafted | execute | remote | Buffer | GoLive | allows | Adobe | code | file | PNG | CS3 | CS2 | via |

Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.


Buffer overflow in Corel Paint Shop Pro 11.20 a

overflow | Buffer | Paint | Corel | Shop | Pro |

Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.


The png_handle_tRNS function in pngrutil.c in l

png_handle_tRNS | pngrutilc | function | before | libpng |

The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.


The gdPngReadData function in libgd 2.0.34 allo

gdPngReadData | function | libgd |

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.


Microsoft Windows Explorer (explorer.exe) allow

Microsoft | Explorer | Windows |

Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png.


Off-by-one error in ICC profile chunk handling

png_set_iCCP | Off-by-one | handling | function | pngsetc | profile | before | libpng | chunk | error | ICC |

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.


Off-by-one error in ICC profile chunk handling

png_set_iCCP | Off-by-one | handling | function | pngsetc | profile | before | libpng | chunk | error | ICC |

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266.


Certain chunk handlers in libpng before 1.0.29

handlers | Certain | before | libpng | chunk |

Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations.


Software vulnerabilities results 1 to 20 of 38     
Page: 12