ALT-PU-2016-1375-1
Closed vulnerabilities
BDU:2016-01034
Уязвимость программного средства для оптимизации PNG OptiPNG, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
BDU:2016-01035
Уязвимость программного средства для оптимизации PNG OptiPNG, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Modified: 2024-11-21
CVE-2015-7802
gifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.
Modified: 2024-11-21
CVE-2016-3981
Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.
- http://bugs.fi/media/afl/optipng/1/
- http://bugs.fi/media/afl/optipng/1/
- openSUSE-SU-2016:1078
- openSUSE-SU-2016:1078
- openSUSE-SU-2016:1082
- openSUSE-SU-2016:1082
- DSA-3546
- DSA-3546
- USN-2951-1
- USN-2951-1
- GLSA-201608-01
- GLSA-201608-01
- https://sourceforge.net/p/optipng/bugs/56/
- https://sourceforge.net/p/optipng/bugs/56/
Modified: 2024-11-21
CVE-2016-3982
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
- http://bugs.fi/media/afl/optipng/2/
- http://bugs.fi/media/afl/optipng/2/
- openSUSE-SU-2016:1078
- openSUSE-SU-2016:1078
- openSUSE-SU-2016:1082
- openSUSE-SU-2016:1082
- DSA-3546
- DSA-3546
- USN-2951-1
- USN-2951-1
- GLSA-201608-01
- GLSA-201608-01
- https://sourceforge.net/p/optipng/bugs/57/
- https://sourceforge.net/p/optipng/bugs/57/