Vulnerabilities > Libpng > Libpng > 1.2.26
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-01-15 | CVE-2008-5907 | Remote Security vulnerability in libpng3 The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. | 5.0 |
| 2008-09-11 | CVE-2008-3964 | Off-by-one Error vulnerability in Libpng Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. | 4.3 |
| 2008-04-14 | CVE-2008-1382 | Numeric Errors vulnerability in Libpng libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory. | 7.5 |