FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c564f9bd-8ba7-11e4-801f-0022156e8794	png -- heap overflow for 32-bit builds 32-bit builds of PNG library are vulnerable to an unsigned integer overflow that is triggered by a crafted wide interlaced images. Overflow results in a heap corruption that will crash the application and may lead to the controlled overwrite of a selected portions of process address space. Discovery 2014-12-23 Entry 2015-01-05 png ge 1.2.6 lt 1.5.21 ge 1.6 lt 1.6.16 http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt http://codelabs.ru/security/vulns/analysis/libpng/2014-dec-libpng-1.6.15/

VuXML ID

Description

c564f9bd-8ba7-11e4-801f-0022156e8794

png -- heap overflow for 32-bit builds

32-bit builds of PNG library are vulnerable to an unsigned integer overflow that is triggered by a crafted wide interlaced images. Overflow results in a heap corruption that will crash the application and may lead to the controlled overwrite of a selected portions of process address space.

Discovery 2014-12-23
Entry 2015-01-05
png

ge 1.2.6 lt 1.5.21

ge 1.6 lt 1.6.16

http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
http://codelabs.ru/security/vulns/analysis/libpng/2014-dec-libpng-1.6.15/