CVE-2007-5268
Published: 8 October 2007
pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.
Notes
| Author | Note |
|---|---|
| jdstrand | given medium because of wide install base bug (1) is said to have been introduced in 1.2.19. Looking at pngrtran.c in 1.2.8 and 1.2.15 (as included in Ubuntu), the vulnerable code is not present bug (2) still applies to 1.2.15, but not 1.2.8 reducing to negligible as pngset.c change should not do anything |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libpng Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
(code in present in this version)
|
| edgy |
Not vulnerable
(code not present in this version)
|
|
| feisty |
Released
(1.2.15~beta5-1ubuntu1.1)
|
|
| gutsy |
Released
(1.2.15~beta5-2ubuntu0.1)
|
|
| hardy |
Released
(1.2.15~beta5-3ubuntu0.1)
|
|
| intrepid |
Not vulnerable
(1.2.27-1)
|
|
| upstream |
Released
(1.0.29 and 1.2.21)
|