Vulnerabilities > Libpng > Libpng > 1.5.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-01-12 | CVE-2013-6954 | Denial of Service vulnerability in libpng 'png_read_transform_info()' Function NULL Pointer Dereference The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c. | 5.0 |
| 2012-07-22 | CVE-2011-3464 | Numeric Errors vulnerability in Libpng Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow. | 7.5 |
| 2012-05-29 | CVE-2011-3048 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libpng The png_set_text_2 function in pngset.c in libpng 1.0.x before 1.0.59, 1.2.x before 1.2.49, 1.4.x before 1.4.11, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted text chunk in a PNG image file, which triggers a memory allocation failure that is not properly handled, leading to a heap-based buffer overflow. | 6.8 |