Oval Definition:	oval:org.mitre.oval:tst:33581
Comment: libpng-devel is earlier than 2:1.2.7-3.el4 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14221 Object: oval:org.mitre.oval:obj:951 State: oval:org.mitre.oval:ste:10430 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:10094 V The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value. 2013-04-29 oval:org.mitre.oval:def:10324 V The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read. 2013-04-29
BACK