CVE-2007-5268

EPSS 15.26%
Veröffentlicht 08.10.2007 21:17:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 41

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Libpng ≫ Libpng Version < 1.0.29

Libpng ≫ Libpng Version >= 1.2.0 < 1.2.21

Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts

Canonical ≫ Ubuntu Linux Version6.10

Canonical ≫ Ubuntu Linux Version7.04

Canonical ≫ Ubuntu Linux Version7.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	15.26%	0.943

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

http://docs.info.apple.com/article.html?artnum=307562

Third Party Advisory

http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

Third Party Advisory

Mailing List

http://www.vupen.com/english/advisories/2008/0924/references

Third Party Advisory

http://lists.apple.com/archives/security-announce/2008//May/msg00001.html

Third Party Advisory

Mailing List

http://secunia.com/advisories/29420

Third Party Advisory

http://secunia.com/advisories/30430

Third Party Advisory

http://www.us-cert.gov/cas/techalerts/TA08-150A.html

Third Party Advisory

US Government Resource

http://www.vupen.com/english/advisories/2008/1697

Third Party Advisory

http://secunia.com/advisories/30161

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml

Third Party Advisory

http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html

Third Party Advisory

http://www.coresecurity.com/?action=item&id=2148

Third Party Advisory

http://www.securityfocus.com/archive/1/489135/100/0/threaded

Third Party Advisory

VDB Entry

http://bugs.gentoo.org/show_bug.cgi?id=195261

Third Party Advisory

http://secunia.com/advisories/27284

Third Party Advisory

http://secunia.com/advisories/27529

Third Party Advisory

http://secunia.com/advisories/27629

Third Party Advisory

http://secunia.com/advisories/27746

Third Party Advisory

http://secunia.com/advisories/35302

Third Party Advisory

http://secunia.com/advisories/35386

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323

Third Party Advisory

http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com

Patch

Third Party Advisory

http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1

Broken Link

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1

Broken Link

http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:217

Third Party Advisory

http://www.securityfocus.com/archive/1/483582/100/0/threaded

Third Party Advisory

VDB Entry

http://www.vupen.com/english/advisories/2009/1462

Third Party Advisory

http://www.vupen.com/english/advisories/2009/1560

Third Party Advisory

https://issues.rpath.com/browse/RPL-1814

Broken Link

http://secunia.com/advisories/27093

Third Party Advisory

http://secunia.com/advisories/27405

Third Party Advisory

http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement

Patch

Third Party Advisory

http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com

Third Party Advisory

http://www.securityfocus.com/bid/25956

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-538-1

Third Party Advisory

http://www.vupen.com/english/advisories/2007/3390

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2007-5268

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5268

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5268

EUVD