CVE-2007-5266 - Vulnerability Details

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Libpng	Libpng

Configuration 1 [-]

OR	cpe:2.3:a:libpng:libpng::::::::
	cpe:2.3:a:libpng:libpng::::::::

No data.

References

Link	Providers
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
http://bugs.gentoo.org/show_bug.cgi?id=195261
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://secunia.com/advisories/27284
http://secunia.com/advisories/27529
http://secunia.com/advisories/27629
http://secunia.com/advisories/27746
http://secunia.com/advisories/29420
http://secunia.com/advisories/30161
http://secunia.com/advisories/30430
http://secunia.com/advisories/35302
http://secunia.com/advisories/35386
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
http://www.coresecurity.com/?action=item&id=2148
http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:217
http://www.securityfocus.com/archive/1/483582/100/0/threaded
http://www.securityfocus.com/archive/1/489135/100/0/threaded
http://www.securityfocus.com/bid/25957
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
http://www.vupen.com/english/advisories/2008/0924/references
http://www.vupen.com/english/advisories/2008/1697
http://www.vupen.com/english/advisories/2009/1462
http://www.vupen.com/english/advisories/2009/1560
https://issues.rpath.com/browse/RPL-1814
https://nvd.nist.gov/vuln/detail/CVE-2007-5266
https://www.cve.org/CVERecord?id=CVE-2007-5266

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-10-08T21:00:00

Updated: 2024-08-07T15:24:42.345Z

Reserved: 2007-10-08T00:00:00

Link: CVE-2007-5266

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-10-08T21:17:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-5266

Redhat

Severity : Moderate

Publid Date: 2007-09-11T00:00:00Z

Links: CVE-2007-5266 - Bugzilla

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-11T00:00:00", "descriptions": [{"lang": "en", "value": "Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1814"}, {"name": "MDKSA-2007:217", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"}, {"name": "35386", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35386"}, {"name": "[png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement"}, {"name": "1020521", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"}, {"name": "ADV-2009-1560", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1560"}, {"name": "ADV-2009-1462", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1462"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"}, {"name": "27529", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27529"}, {"name": "27746", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27746"}, {"tags": ["x_refsource_MISC"], "url": "http://www.coresecurity.com/?action=item&id=2148"}, {"name": "259989", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"}, {"name": "35302", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35302"}, {"name": "ADV-2008-0924", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "TA08-150A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"}, {"name": "29420", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "27284", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27284"}, {"name": "30430", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30430"}, {"name": "APPLE-SA-2008-05-28", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"}, {"name": "30161", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30161"}, {"name": "GLSA-200805-07", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"}, {"name": "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "GLSA-200711-08", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"}, {"name": "ADV-2008-1697", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1697"}, {"name": "SSA:2007-325-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"}, {"name": "20071112 FLEA-2007-0065-1 libpng", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"}, {"name": "25957", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/25957"}, {"name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"}, {"name": "27629", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27629"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5266", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://issues.rpath.com/browse/RPL-1814", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1814"}, {"name": "MDKSA-2007:217", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"}, {"name": "35386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35386"}, {"name": "[png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement"}, {"name": "1020521", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"}, {"name": "ADV-2009-1560", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1560"}, {"name": "ADV-2009-1462", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1462"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=195261", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"}, {"name": "27529", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27529"}, {"name": "27746", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27746"}, {"name": "http://www.coresecurity.com/?action=item&id=2148", "refsource": "MISC", "url": "http://www.coresecurity.com/?action=item&id=2148"}, {"name": "259989", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"}, {"name": "35302", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35302"}, {"name": "ADV-2008-0924", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "TA08-150A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"}, {"name": "29420", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "27284", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27284"}, {"name": "30430", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30430"}, {"name": "APPLE-SA-2008-05-28", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"}, {"name": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", "refsource": "CONFIRM", "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"}, {"name": "30161", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30161"}, {"name": "GLSA-200805-07", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"}, {"name": "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", "refsource": "MLIST", "url": "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com"}, {"name": "http://docs.info.apple.com/article.html?artnum=307562", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "GLSA-200711-08", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"}, {"name": "ADV-2008-1697", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1697"}, {"name": "SSA:2007-325-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"}, {"name": "20071112 FLEA-2007-0065-1 libpng", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"}, {"name": "25957", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25957"}, {"name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"}, {"name": "27629", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27629"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:24:42.345Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1814"}, {"name": "MDKSA-2007:217", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"}, {"name": "35386", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35386"}, {"name": "[png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement"}, {"name": "1020521", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"}, {"name": "ADV-2009-1560", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1560"}, {"name": "ADV-2009-1462", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1462"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"}, {"name": "27529", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27529"}, {"name": "27746", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27746"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.coresecurity.com/?action=item&id=2148"}, {"name": "259989", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"}, {"name": "35302", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35302"}, {"name": "ADV-2008-0924", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "TA08-150A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"}, {"name": "29420", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "27284", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27284"}, {"name": "30430", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30430"}, {"name": "APPLE-SA-2008-05-28", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"}, {"name": "30161", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30161"}, {"name": "GLSA-200805-07", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"}, {"name": "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "GLSA-200711-08", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"}, {"name": "ADV-2008-1697", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1697"}, {"name": "SSA:2007-325-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"}, {"name": "20071112 FLEA-2007-0065-1 libpng", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"}, {"name": "25957", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/25957"}, {"name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"}, {"name": "27629", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27629"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5266", "datePublished": "2007-10-08T21:00:00", "dateReserved": "2007-10-08T00:00:00", "dateUpdated": "2024-08-07T15:24:42.345Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2007-09-11T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-15T20:57:01 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://issues.rpath.com/browse/RPL-1814 (string)

}

1 : { »

name : MDKSA-2007:217 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 (string)

}

2 : { »

name : 35386 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/35386 (string)

}

3 : { »

name : [png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement (string)

}

4 : { »

name : 1020521 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 (string)

}

5 : { »

name : ADV-2009-1560 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2009/1560 (string)

}

6 : { »

name : ADV-2009-1462 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2009/1462 (string)

}

7 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

}

8 : { »

name : 27529 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27529 (string)

}

9 : { »

name : 27746 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27746 (string)

}

10 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.coresecurity.com/?action=item&id=2148 (string)

}

11 : { »

name : 259989 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 (string)

}

12 : { »

name : 35302 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/35302 (string)

}

13 : { »

name : ADV-2008-0924 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2008/0924/references (string)

}

14 : { »

name : TA08-150A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA08-150A.html (string)

}

15 : { »

name : 29420 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/29420 (string)

}

16 : { »

name : APPLE-SA-2008-03-18 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

]

url : http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (string)

}

17 : { »

name : 27284 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27284 (string)

}

18 : { »

name : 30430 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/30430 (string)

}

19 : { »

name : APPLE-SA-2008-05-28 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

]

url : http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (string)

}

20 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

}

21 : { »

name : 30161 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/30161 (string)

}

22 : { »

name : GLSA-200805-07 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (string)

}

23 : { »

name : [png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com (string)

}

24 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://docs.info.apple.com/article.html?artnum=307562 (string)

}

25 : { »

name : GLSA-200711-08 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml (string)

}

26 : { »

name : ADV-2008-1697 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

]

url : http://www.vupen.com/english/advisories/2008/1697 (string)

}

27 : { »

name : SSA:2007-325-01 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 (string)

}

28 : { »

name : 20071112 FLEA-2007-0065-1 libpng (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/483582/100/0/threaded (string)

}

29 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

}

30 : { »

name : 25957 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/25957 (string)

}

31 : { »

name : 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/489135/100/0/threaded (string)

}

32 : { »

name : 27629 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

]

url : http://secunia.com/advisories/27629 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2007-5266 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://issues.rpath.com/browse/RPL-1814 (string)

refsource : CONFIRM (string)

url : https://issues.rpath.com/browse/RPL-1814 (string)

}

1 : { »

name : MDKSA-2007:217 (string)

refsource : MANDRIVA (string)

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 (string)

}

2 : { »

name : 35386 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/35386 (string)

}

3 : { »

name : [png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c (string)

refsource : MLIST (string)

url : http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement (string)

}

4 : { »

name : 1020521 (string)

refsource : SUNALERT (string)

url : http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 (string)

}

5 : { »

name : ADV-2009-1560 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2009/1560 (string)

}

6 : { »

name : ADV-2009-1462 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2009/1462 (string)

}

7 : { »

name : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

refsource : CONFIRM (string)

url : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

}

8 : { »

name : 27529 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27529 (string)

}

9 : { »

name : 27746 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27746 (string)

}

10 : { »

name : http://www.coresecurity.com/?action=item&id=2148 (string)

refsource : MISC (string)

url : http://www.coresecurity.com/?action=item&id=2148 (string)

}

11 : { »

name : 259989 (string)

refsource : SUNALERT (string)

url : http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 (string)

}

12 : { »

name : 35302 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/35302 (string)

}

13 : { »

name : ADV-2008-0924 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2008/0924/references (string)

}

14 : { »

name : TA08-150A (string)

refsource : CERT (string)

url : http://www.us-cert.gov/cas/techalerts/TA08-150A.html (string)

}

15 : { »

name : 29420 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/29420 (string)

}

16 : { »

name : APPLE-SA-2008-03-18 (string)

refsource : APPLE (string)

url : http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (string)

}

17 : { »

name : 27284 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27284 (string)

}

18 : { »

name : 30430 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/30430 (string)

}

19 : { »

name : APPLE-SA-2008-05-28 (string)

refsource : APPLE (string)

url : http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (string)

}

20 : { »

name : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

refsource : CONFIRM (string)

url : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

}

21 : { »

name : 30161 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/30161 (string)

}

22 : { »

name : GLSA-200805-07 (string)

refsource : GENTOO (string)

url : http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (string)

}

23 : { »

name : [png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1 (string)

refsource : MLIST (string)

url : http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com (string)

}

24 : { »

name : http://docs.info.apple.com/article.html?artnum=307562 (string)

refsource : CONFIRM (string)

url : http://docs.info.apple.com/article.html?artnum=307562 (string)

}

25 : { »

name : GLSA-200711-08 (string)

refsource : GENTOO (string)

url : http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml (string)

}

26 : { »

name : ADV-2008-1697 (string)

refsource : VUPEN (string)

url : http://www.vupen.com/english/advisories/2008/1697 (string)

}

27 : { »

name : SSA:2007-325-01 (string)

refsource : SLACKWARE (string)

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 (string)

}

28 : { »

name : 20071112 FLEA-2007-0065-1 libpng (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/483582/100/0/threaded (string)

}

29 : { »

name : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

refsource : CONFIRM (string)

url : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

}

30 : { »

name : 25957 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/25957 (string)

}

31 : { »

name : 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/489135/100/0/threaded (string)

}

32 : { »

name : 27629 (string)

refsource : SECUNIA (string)

url : http://secunia.com/advisories/27629 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-07T15:24:42.345Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://issues.rpath.com/browse/RPL-1814 (string)

}

1 : { »

name : MDKSA-2007:217 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MANDRIVA (string)

2 : x_transferred (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 (string)

}

2 : { »

name : 35386 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/35386 (string)

}

3 : { »

name : [png-mng-implement] 20070911 FW: Suspicious `sizeof' line 694 of pngset.c (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement (string)

}

4 : { »

name : 1020521 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

2 : x_transferred (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 (string)

}

5 : { »

name : ADV-2009-1560 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2009/1560 (string)

}

6 : { »

name : ADV-2009-1462 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2009/1462 (string)

}

7 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

}

8 : { »

name : 27529 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27529 (string)

}

9 : { »

name : 27746 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27746 (string)

}

10 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.coresecurity.com/?action=item&id=2148 (string)

}

11 : { »

name : 259989 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUNALERT (string)

2 : x_transferred (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 (string)

}

12 : { »

name : 35302 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/35302 (string)

}

13 : { »

name : ADV-2008-0924 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2008/0924/references (string)

}

14 : { »

name : TA08-150A (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_CERT (string)

2 : x_transferred (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA08-150A.html (string)

}

15 : { »

name : 29420 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/29420 (string)

}

16 : { »

name : APPLE-SA-2008-03-18 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

2 : x_transferred (string)

]

url : http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (string)

}

17 : { »

name : 27284 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27284 (string)

}

18 : { »

name : 30430 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/30430 (string)

}

19 : { »

name : APPLE-SA-2008-05-28 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_APPLE (string)

2 : x_transferred (string)

]

url : http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (string)

}

20 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

}

21 : { »

name : 30161 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/30161 (string)

}

22 : { »

name : GLSA-200805-07 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (string)

}

23 : { »

name : [png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1 (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com (string)

}

24 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://docs.info.apple.com/article.html?artnum=307562 (string)

}

25 : { »

name : GLSA-200711-08 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml (string)

}

26 : { »

name : ADV-2008-1697 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_VUPEN (string)

2 : x_transferred (string)

]

url : http://www.vupen.com/english/advisories/2008/1697 (string)

}

27 : { »

name : SSA:2007-325-01 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SLACKWARE (string)

2 : x_transferred (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 (string)

}

28 : { »

name : 20071112 FLEA-2007-0065-1 libpng (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/483582/100/0/threaded (string)

}

29 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

}

30 : { »

name : 25957 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/25957 (string)

}

31 : { »

name : 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/489135/100/0/threaded (string)

}

32 : { »

name : 27629 (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_SECUNIA (string)

2 : x_transferred (string)

]

url : http://secunia.com/advisories/27629 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2007-5266 (string)

datePublished : 2007-10-08T21:00:00 (string)

dateReserved : 2007-10-08T00:00:00 (string)

dateUpdated : 2024-08-07T15:24:42.345Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A6442D5-8045-49D3-9F30-C4FF1D991BE3", "versionEndIncluding": "1.0.28", "vulnerable": true}, {"criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*", "matchCriteriaId": "FF36838B-2645-4803-987A-5DB49486A52D", "versionEndIncluding": "1.2.20", "versionStartIncluding": "1.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated."}, {"lang": "es", "value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en el manejo de perfiles ICC en la funci\u00f3n png_set_iCCP de pngset.c en libpng anterior a 1.0.29 beta1 y 1.2.x anterior a 1.2.21 beta1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una imagen PNG manipulada artesanalmente que provoca que el campo de nombre no termine con NULL."}], "id": "CVE-2007-5266", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-08T21:17:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27284"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27529"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27629"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27746"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29420"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30161"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30430"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35302"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35386"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.coresecurity.com/?action=item&id=2148"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/25957"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1697"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1462"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1560"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1814"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=195261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27284"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27529"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27629"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/27746"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/29420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30161"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/30430"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35302"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://secunia.com/advisories/35386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.coresecurity.com/?action=item&id=2148"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/25957"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-150A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2008/1697"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1462"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2009/1560"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1814"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of libpng and libpng10 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.", "lastModified": "2007-10-16T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 3A6442D5-8045-49D3-9F30-C4FF1D991BE3 (string)

versionEndIncluding : 1.0.28 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* (string)

matchCriteriaId : FF36838B-2645-4803-987A-5DB49486A52D (string)

versionEndIncluding : 1.2.20 (string)

versionStartIncluding : 1.2.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

}

1 : { »

lang : es (string)

value : Error de superación de límite (off-by-one) en el manejo de perfiles ICC en la función png_set_iCCP de pngset.c en libpng anterior a 1.0.29 beta1 y 1.2.x anterior a 1.2.21 beta1 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipulada artesanalmente que provoca que el campo de nombre no termine con NULL. (string)

}

]

id : CVE-2007-5266 (string)

lastModified : 2025-04-09T00:30:58.490 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2007-10-08T21:17:00.000 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

}

1 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

}

2 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://docs.info.apple.com/article.html?artnum=307562 (string)

}

3 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (string)

}

4 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (string)

}

5 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27284 (string)

}

6 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27529 (string)

}

7 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27629 (string)

}

8 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27746 (string)

}

9 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/29420 (string)

}

10 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/30161 (string)

}

11 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/30430 (string)

}

12 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/35302 (string)

}

13 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/35386 (string)

}

14 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 (string)

}

15 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement (string)

}

16 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com (string)

}

17 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 (string)

}

18 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 (string)

}

19 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

}

20 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.coresecurity.com/?action=item&id=2148 (string)

}

21 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml (string)

}

22 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (string)

}

23 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 (string)

}

24 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/483582/100/0/threaded (string)

}

25 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/489135/100/0/threaded (string)

}

26 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/25957 (string)

}

27 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA08-150A.html (string)

}

28 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2008/0924/references (string)

}

29 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2008/1697 (string)

}

30 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2009/1462 (string)

}

31 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2009/1560 (string)

}

32 : { »

source : cve@mitre.org (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1814 (string)

}

33 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html (string)

}

34 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://bugs.gentoo.org/show_bug.cgi?id=195261 (string)

}

35 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://docs.info.apple.com/article.html?artnum=307562 (string)

}

36 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce/2008//May/msg00001.html (string)

}

37 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html (string)

}

38 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27284 (string)

}

39 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27529 (string)

}

40 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27629 (string)

}

41 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/27746 (string)

}

42 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/29420 (string)

}

43 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/30161 (string)

}

44 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/30430 (string)

}

45 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/35302 (string)

}

46 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://secunia.com/advisories/35386 (string)

}

47 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323 (string)

}

48 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement (string)

}

49 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com (string)

}

50 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 (string)

}

51 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 (string)

}

52 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm (string)

}

53 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.coresecurity.com/?action=item&id=2148 (string)

}

54 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml (string)

}

55 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml (string)

}

56 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 (string)

}

57 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/483582/100/0/threaded (string)

}

58 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/archive/1/489135/100/0/threaded (string)

}

59 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : VDB Entry (string)

]

url : http://www.securityfocus.com/bid/25957 (string)

}

60 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

1 : US Government Resource (string)

]

url : http://www.us-cert.gov/cas/techalerts/TA08-150A.html (string)

}

61 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2008/0924/references (string)

}

62 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2008/1697 (string)

}

63 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2009/1462 (string)

}

64 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Third Party Advisory (string)

]

url : http://www.vupen.com/english/advisories/2009/1560 (string)

}

65 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://issues.rpath.com/browse/RPL-1814 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vendorComments : [ »

0 : { »

comment : Not vulnerable. This issue did not affect the versions of libpng and libpng10 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5. (string)

lastModified : 2007-10-16T00:00:00 (string)

organization : Red Hat (string)

}

]

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-189 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object