Oval Definition:oval:com.ubuntu.trusty:def:20163982000
Revision Date:2016-04-13Version:1
Title:CVE-2016-3982 on Ubuntu 14.04 LTS (trusty) - medium.
Description:Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-3982
Platform(s):Ubuntu 14.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 14.04 LTS (trusty) is installed.
  • AND The 'optipng' package in trusty was vulnerable but has been fixed (note: '0.6.4-1ubuntu0.14.04.1').
  • BACK