libpng versions 1.6.0 through 1.6.9 contain a denial-of-service vulnerability.
CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') - CVE-2014-0333
Glenn Randers Pehrson of the PNG Development Group reports:
Decoding a malformed .png file may cause the target application to become unresponsive.
Apply an Update
Thanks to Glenn Randers-Pehrson for reporting this vulnerability.
This document was written by Todd Lewellen.
|Date First Published:||2014-02-25|
|Date Last Updated:||2014-02-25 17:45 UTC|