The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of libpng

computer vulnerability bulletin CVE-2017-12652

libpng: buffer overflow via Chunks Length

Synthesis of the vulnerability

An attacker can trigger a buffer overflow via Chunks Length of libpng, in order to trigger a denial of service, and possibly to run code.
Impacted products: libpng.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 11/07/2019.
Identifiers: CVE-2017-12652, VIGILANCE-VUL-29748.

Description of the vulnerability

An attacker can trigger a buffer overflow via Chunks Length of libpng, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2019-7317

libpng: use after free via png_image_free

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via png_image_free() of libpng, in order to trigger a denial of service, and possibly to run code.
Impacted products: Debian, Fedora, libpng, Firefox, Thunderbird, Java OpenJDK, openSUSE Leap, Java Oracle, Solaris, RHEL, Slackware, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 05/02/2019.
Identifiers: 275, bulletinapr2019, cpujul2019, CVE-2019-7317, DSA-4435-1, FEDORA-2019-146b81efba, FEDORA-2019-3854a1727e, MFSA-2019-14, MFSA-2019-15, openSUSE-SU-2019:1484-1, openSUSE-SU-2019:1530-1, openSUSE-SU-2019:1534-1, openSUSE-SU-2019:1664-1, openSUSE-SU-2019:1912-1, openSUSE-SU-2019:1916-1, RHSA-2019:1308-01, RHSA-2019:1309-01, RHSA-2019:1310-01, RHSA-2019:2494-01, RHSA-2019:2495-01, RHSA-2019:2585-01, RHSA-2019:2590-01, RHSA-2019:2592-01, SSA:2019-107-01, SUSE-SU-2019:1388-1, SUSE-SU-2019:1398-1, SUSE-SU-2019:1398-2, SUSE-SU-2019:1405-1, SUSE-SU-2019:14160-1, SUSE-SU-2019:1458-1, SUSE-SU-2019:2021-1, SUSE-SU-2019:2028-1, SUSE-SU-2019:2036-1, SUSE-SU-2019:2291-1, SUSE-SU-2019:2336-1, SUSE-SU-2019:2371-1, USN-3962-1, USN-4080-1, USN-4083-1, VIGILANCE-VUL-28437.

Description of the vulnerability

An attacker can force the usage of a freed memory area via png_image_free() of libpng, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2019-6129

libpng: memory leak via png_create_info_struct

Synthesis of the vulnerability

An attacker can create a memory leak via png_create_info_struct() of libpng, in order to trigger a denial of service.
Impacted products: libpng, Java OpenJDK, Java Oracle.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 14/01/2019.
Identifiers: 269, cpujul2019, CVE-2019-6129, VIGILANCE-VUL-28269.

Description of the vulnerability

An attacker can create a memory leak via png_create_info_struct() of libpng, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2018-14048

libpng/pnm2png: denial of service via png_free_data

Synthesis of the vulnerability

An attacker can generate a fatal error via png_free_data() of libpng/pnm2png, in order to trigger a denial of service.
Impacted products: libpng, Java OpenJDK, Java Oracle, Slackware.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/07/2018.
Identifiers: 238, cpuoct2018, CVE-2018-14048, SSA:2019-107-01, VIGILANCE-VUL-26753.

Description of the vulnerability

An attacker can generate a fatal error via png_free_data() of libpng/pnm2png, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce CVE-2018-13785

libpng: integer overflow via png_check_chunk_length

Synthesis of the vulnerability

An attacker can generate an integer overflow via png_check_chunk_length() of libpng, in order to trigger a denial of service, and possibly to run code.
Impacted products: VNX Operating Environment, VNX Series, Fedora, AIX, IBM i, libpng, McAfee Web Gateway, Java OpenJDK, openSUSE Leap, Java Oracle, RHEL, SUSE Linux Enterprise Desktop, SLES, Ubuntu.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 12/07/2018.
Identifiers: cpuoct2018, CVE-2018-13785, DSA-2019-131, FEDORA-2018-04eded822e, FEDORA-2018-3e04e9fe54, ibm10743955, openSUSE-SU-2019:0042-1, openSUSE-SU-2019:0043-1, openSUSE-SU-2019:1530-1, RHSA-2018:3000-01, RHSA-2018:3001-01, RHSA-2018:3002-01, RHSA-2018:3003-01, RHSA-2018:3007-01, RHSA-2018:3008-01, RHSA-2018:3533-01, RHSA-2018:3534-01, RHSA-2018:3671-01, RHSA-2018:3672-01, SB10255, SUSE-SU-2018:3868-1, SUSE-SU-2018:3920-1, SUSE-SU-2018:3921-1, SUSE-SU-2018:3933-1, SUSE-SU-2018:4064-1, SUSE-SU-2019:0049-1, SUSE-SU-2019:0057-1, SUSE-SU-2019:0057-2, SUSE-SU-2019:0058-1, SUSE-SU-2019:1398-1, SUSE-SU-2019:1398-2, USN-3712-1, USN-3712-2, VIGILANCE-VUL-26692.

Description of the vulnerability

An attacker can generate an integer overflow via png_check_chunk_length() of libpng, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability 23610

libpng: NULL pointer dereference via png_handle_eXIf

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via png_handle_eXIf() of libpng, in order to trigger a denial of service.
Impacted products: libpng.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 25/08/2017.
Identifiers: VIGILANCE-VUL-23610.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via png_handle_eXIf() of libpng, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 22161

libpng: buffer overflow via png_do_expand

Synthesis of the vulnerability

An attacker can generate a buffer overflow via png_do_expand() of libpng, in order to trigger a denial of service, and possibly to run code.
Impacted products: libpng, XnView.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 16/03/2017.
Identifiers: VIGILANCE-VUL-22161.

Description of the vulnerability

An attacker can generate a buffer overflow via png_do_expand() of libpng, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2016-10087

libpng: NULL pointer dereference via png_set_text_2

Synthesis of the vulnerability

An attacker can force a NULL pointer to be dereferenced via png_set_text_2() of libpng, in order to trigger a denial of service.
Impacted products: Fedora, Notes, libpng, openSUSE Leap, Solaris, Slackware, Ubuntu.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 29/12/2016.
Identifiers: 2002676, bulletinjul2017, CVE-2016-10087, FEDORA-2016-0eb1d4ad19, FEDORA-2016-12c22499dd, FEDORA-2016-1a7e14d084, FEDORA-2016-5c8dce58c9, FEDORA-2016-a4b06a036b, FEDORA-2016-aaf771b7a7, FEDORA-2017-66fd940572, FEDORA-2017-84bc8ac268, FEDORA-2017-bad9942e42, FEDORA-2017-cf1944f480, openSUSE-SU-2017:0937-1, openSUSE-SU-2017:0942-1, openSUSE-SU-2017:1037-1, SSA:2016-365-01, USN-3712-1, USN-3712-2, VIGILANCE-VUL-21483.

Description of the vulnerability

An attacker can force a NULL pointer to be dereferenced via png_set_text_2() of libpng, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 20311

libpng: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of libpng.
Impacted products: libpng.
Severity: 2/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 04/08/2016.
Identifiers: VIGILANCE-VUL-20311.

Description of the vulnerability

Several vulnerabilities were announced in libpng.

An attacker can generate a buffer overflow via PNG_IMAGE_SIZE, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

An attacker can generate a buffer overflow via Filter Heuristic, in order to trigger a denial of service, and possibly to run code. [severity:2/4]

An attacker can generate a buffer overflow via PNG_IMAGE_BUFFER_SIZE, in order to trigger a denial of service, and possibly to run code. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability 19710

libpng: buffer overflow via image size related macros

Synthesis of the vulnerability

An attacker can generate a buffer overflow of libpng, in order to trigger a denial of service, and possibly to run code.
Impacted products: libpng.
Severity: 1/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on server, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 26/05/2016.
Identifiers: VIGILANCE-VUL-19710.

Description of the vulnerability

The libpng library includes macros to calculate the size of a an image line or the whole image.

However, these macros does not check whether the result is bigger that the available address space in 32 bits systems. On these platforms, an ill-formed image may trigger an arithmetic overflow and then a memory corruption.

An attacker can therefore generate a buffer overflow of libpng, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about libpng: