CVE-2007-5268

Severity

43%

Complexity

86%

Confidentiality

48%

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P).

Overview

Type

Canonical Ubuntu Linux

First reported 17 years ago

2007-10-08 21:17:00

Last updated 6 years ago

2018-10-26 14:11:00

Affected Software

Canonical Ubuntu Linux 6.06 LTS (Long-Term Support)

6.06

Canonical Ubuntu Linux 6.10

6.10

Canonical Ubuntu Linux 7.04

7.04

Canonical Ubuntu Linux 7.10

7.10

References

http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html

Third Party Advisory

http://bugs.gentoo.org/show_bug.cgi?id=195261

Third Party Advisory

http://docs.info.apple.com/article.html?artnum=307562

Third Party Advisory

APPLE-SA-2008-05-28

Mailing List, Third Party Advisory

APPLE-SA-2008-03-18

Mailing List, Third Party Advisory

27093

Third Party Advisory

27284

Third Party Advisory

27405

Third Party Advisory

27529

Third Party Advisory

27629

Third Party Advisory

27746

Third Party Advisory

29420

Third Party Advisory

30161

Third Party Advisory

30430

Third Party Advisory

35302

Third Party Advisory

35386

Third Party Advisory

SSA:2007-325-01

Third Party Advisory

[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released

Patch, Third Party Advisory

[png-mng-implement] 20070911 FW: Compiler warnings for pngrtran.c

Third Party Advisory

[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1

Patch, Third Party Advisory

259989

Broken Link

1020521

Broken Link

http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm

Third Party Advisory

http://www.coresecurity.com/?action=item&id=2148

Third Party Advisory

GLSA-200711-08

Third Party Advisory

GLSA-200805-07

Third Party Advisory

MDKSA-2007:217

Third Party Advisory

20071112 FLEA-2007-0065-1 libpng

Third Party Advisory, VDB Entry

20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK

Third Party Advisory, VDB Entry

25956

Third Party Advisory, VDB Entry

USN-538-1

Third Party Advisory

TA08-150A

Third Party Advisory, US Government Resource

ADV-2007-3390

Third Party Advisory

ADV-2008-0924

Third Party Advisory

ADV-2008-1697

Third Party Advisory

ADV-2009-1462

Third Party Advisory

ADV-2009-1560

Third Party Advisory

https://issues.rpath.com/browse/RPL-1814

Broken Link

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.