Vulnerability Note VU#819894
libpng invalid sCAL chunk processing vulnerability
libpng reads uninitialized memory when processing invalid sCAL chunks.
When libpng encounters an empty sCAL chunk, it reads uninitialized memory. libpng also does not properly handle a sCAL chunk that lacks the terminating zero between the two strings it conveys.
Additional details can be found on the png-mng-implement mailing list archives.
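Both malformed cases described above can be screened for before a file reaches a decoder. The C code below is an added example, not libpng's code or its fix; the function names are hypothetical, and the sCAL layout it assumes (unit byte, ASCII width, zero byte, ASCII height) comes from the PNG extensions specification rather than from this note.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum scal_status { SCAL_OK, SCAL_EMPTY, SCAL_BAD_UNIT, SCAL_NO_SEPARATOR, SCAL_EMPTY_STRING };

/* Validate sCAL chunk data: unit byte, ASCII width, 0x00, ASCII height.
 * Every read is bounded by len, so nothing outside the chunk is touched. */
enum scal_status scal_check(const uint8_t *data, size_t len)
{
    if (len == 0)
        return SCAL_EMPTY;                      /* the empty-chunk case */
    if (data[0] != 1 && data[0] != 2)
        return SCAL_BAD_UNIT;                   /* 1 = metre, 2 = radian */
    const uint8_t *sep = memchr(data + 1, 0, len - 1);
    if (sep == NULL)
        return SCAL_NO_SEPARATOR;               /* no zero between the strings */
    size_t width_len = (size_t)(sep - (data + 1));
    size_t height_len = len - 2 - width_len;    /* minus unit byte and separator */
    return (width_len && height_len) ? SCAL_OK : SCAL_EMPTY_STRING;
}

/* Walk the chunks of an in-memory PNG; return the status of the first
 * malformed sCAL chunk, or SCAL_OK. Signature and CRCs are not verified. */
enum scal_status png_scan_scal(const uint8_t *buf, size_t len)
{
    size_t off = 8;                             /* skip the 8-byte signature */
    while (len >= 12 && off <= len - 12) {      /* length + type + CRC must fit */
        uint32_t clen = (uint32_t)buf[off] << 24 | (uint32_t)buf[off + 1] << 16 |
                        (uint32_t)buf[off + 2] << 8 | (uint32_t)buf[off + 3];
        if (clen > len - off - 12)
            break;                              /* declared length overruns input */
        if (memcmp(buf + off + 4, "sCAL", 4) == 0) {
            enum scal_status s = scal_check(buf + off + 8, clen);
            if (s != SCAL_OK)
                return s;
        }
        off += 12 + (size_t)clen;
    }
    return SCAL_OK;
}

int main(void)
{
    /* Constructed input: 8 placeholder signature bytes, then a zero-length sCAL chunk. */
    const uint8_t png[20] = { [12] = 's', 'C', 'A', 'L' };
    printf("status = %d\n", png_scan_scal(png, sizeof png));
    return 0;
}
```

A file that returns anything other than `SCAL_OK` can be rejected or quarantined before it is handed to an unpatched decoder.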
By tricking a user into opening a specially crafted PNG file in an application that uses libpng, an attacker may be able to cause a denial-of-service crash.
Apply an Update
Vendor Information
|Vendor|Status|Date Notified|Date Updated|
|---|---|---|---|
|libpng|Affected|07 Jul 2011|07 Jul 2011|
Thanks to Glenn Randers-Pehrson for reporting this vulnerability.
This document was written by Jared Allar.
- CVE IDs: Unknown
- Date Public: 07 Jul 2011
- Date First Published: 07 Jul 2011
- Date Last Updated: 07 Jul 2011
- Severity Metric: 0.65
- Document Revision: 10