5
CVE-2006-7244
- EPSS 1.24%
- Veröffentlicht 31.08.2011 23:55:00
- Zuletzt bearbeitet 16.06.2026 22:34:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Memory leak in pngwutil.c in libpng 1.2.13beta1, and other versions before 1.2.15beta3, allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.24% | 0.653 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=948ee23a2a400672b1751cfc646a7467741e9b2e#patch18
http://www.openwall.com/lists/oss-security/2011/03/22/7
http://www.openwall.com/lists/oss-security/2011/03/28/6
https://bugs.gentoo.org/159216?id=159216