CVE-2007-5268 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-5268
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5268

Description: pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-538-1 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 SAID Secunia Advisory: SA30430 Secunia Advisory: SA30161 Secunia Advisory: SA27746 Secunia Advisory: SA29420 Secunia Advisory: SA27629 Secunia Advisory: SA27529 Secunia Advisory: SA27093 Secunia Advisory: SA27284 Secunia Advisory: SA27405 Secunia Advisory: SA35302 Secunia Advisory: SA35386 MLIST http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com MISC http://www.coresecurity.com/?action=item&id=2148 MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm http://docs.info.apple.com/article.html?artnum=307562 http://bugs.gentoo.org/show_bug.cgi?id=195261 http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html CERT http://www.us-cert.gov/cas/techalerts/TA08-150A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/489135/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/483582/100/0/threaded BID 25956 APPLE http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

Return to the previous page.