Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0481

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0481
Last Modified 17 Oct 2011 12:00:00
Published 31 Jan 2006 01:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0481

Summary

Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.

Vulnerable Systems

Application

  • Greg Roelofs Libpng 1.2.7


References

BID - 16626

REDHAT - RHSA-2006:0205

SECTRACK - 1015617

SECTRACK - 1015615

SECUNIA - 18863

SECUNIA - 18654

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179455

XF - libpng-pngsetstripalpha-bo(24396)

VUPEN - ADV-2006-0393

GENTOO - GLSA-200812-15

SECUNIA - 33137

CONFIRM - ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.8-README.txt


Last Updated: 27 May 2016 10:41:40