CVE-2008-3964

Publication date 11 September 2008

Last updated 24 July 2024

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libpng	8.10 intrepid	Fixed 1.2.27-1ubuntu0.1
	8.04 LTS hardy	Fixed 1.2.15~beta5-3ubuntu0.1
	7.10 gutsy	Fixed 1.2.15~beta5-2ubuntu0.2
	7.04 feisty	Ignored end of life, was needed
	6.06 LTS dapper	Fixed 1.2.8rel-5ubuntu0.4

How can I get the fixes?
What do statuses mean?

Notes

jdstrand

off-by-one error in pngpread.c not introduced until 1.2.30, pngtest is affected

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-730-1
libpng vulnerabilities
6 March 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2008-3964