Vulnerabilities > Greg Roelofs > Libpng > 1.2.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-11-17 | CVE-2006-5793 | Improper Input Validation vulnerability in Greg Roelofs Libpng The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. | 2.6 |
2006-06-30 | CVE-2006-3334 | Buffer Overflow vulnerability in Libpng Graphics Library Chunk Error Processing Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". | 7.5 |
2006-01-31 | CVE-2006-0481 | Buffer Errors vulnerability in Greg Roelofs Libpng 1.2.7 Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image. | 5.0 |