Search CVE reports
31 – 40 of 55 results
CVE-2011-2690
Medium prioritySome fixes available 8 of 9
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote...
3 affected packages
chromium-browser, firefox, libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | — | — |
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
CVE-2011-2501
Low prioritySome fixes available 11 of 13
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG...
3 affected packages
chromium-browser, firefox, libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | — | — |
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
CVE-2011-0408
Medium prioritypngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to...
3 affected packages
chromium-browser, firefox, libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | — | — |
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
CVE-2010-2249
Medium prioritySome fixes available 5 of 11
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka...
3 affected packages
chromium-browser, firefox, libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | — | — |
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
CVE-2010-1205
Medium prioritySome fixes available 12 of 14
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
5 affected packages
chromium-browser, firefox, libpng, thunderbird, xulrunner-1.9.2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | — | — |
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner-1.9.2 | — | — | — | — | — |
CVE-2010-0205
Medium prioritySome fixes available 5 of 7
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed...
2 affected packages
firefox, libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
libpng | — | — | — | — | — |
CVE-2009-2042
Low prioritySome fixes available 8 of 21
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers...
7 affected packages
libpng, mozilla-thunderbird, seamonkey, thunderbird, xulrunner...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpng | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2009-0040
Medium prioritySome fixes available 15 of 31
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute...
12 affected packages
firefox, firefox-3.0, firefox-3.5, iceape, icedove...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
firefox | — | — | — | — | — |
firefox-3.0 | — | — | — | — | — |
firefox-3.5 | — | — | — | — | — |
iceape | — | — | — | — | — |
icedove | — | — | — | — | — |
libpng | — | — | — | — | — |
mozilla-thunderbird | — | — | — | — | — |
seamonkey | — | — | — | — | — |
thunderbird | — | — | — | — | — |
xulrunner | — | — | — | — | — |
xulrunner-1.9 | — | — | — | — | — |
xulrunner-1.9.1 | — | — | — | — | — |
CVE-2008-6218
Low priorityMemory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file.
1 affected package
libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpng | — | — | — | — | — |
CVE-2008-5907
Low priorityThe png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of...
1 affected package
libpng
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpng | — | — | — | — | — |