Oval Definition:oval:com.ubuntu.xenial:def:201610087000
Revision Date:2017-01-30Version:1
Title:CVE-2016-10087 on Ubuntu 16.04 LTS (xenial) - low.
Description:The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2016-10087
Platform(s):Ubuntu 16.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 16.04 LTS (xenial) is installed.
  • AND Package Information
  • NOT While related to the CVE in some way, the 'chromium-browser' package in xenial is not affected (note: 'uses system libpng').
  • OR NOT While related to the CVE in some way, the 'firefox' package in xenial is not affected.
  • OR The 'libpng' package in xenial was vulnerable but has been fixed (note: '1.2.54-1ubuntu1.1').
  • OR The 'libpng1.6' package in xenial is affected and needs fixing.
  • OR NOT While related to the CVE in some way, the 'thunderbird' package in xenial is not affected.
  • BACK