VDB

MAGEIA-2014-76

MAGEIA-2014-76 PUBLISHED

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c and pngset.c (CVE-2013-6954).

Affected Products

VendorProductVersions
Mageialibpng120, 1.2.50-4.1.mga4, 0
Mageiarsync0, 3.1.0-4.1.mga4

Timeline

  • Feb 16, 2014 CVE Updated
  • Feb 16, 2014 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›