Vulnerability Description
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libpng | Libpng | <= 1.2.21 |
Related Weaknesses (CWE)
References
- http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-releas
- http://docs.info.apple.com/article.html?artnum=307562
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://secunia.com/advisories/27130Vendor Advisory
- http://secunia.com/advisories/27284
- http://secunia.com/advisories/27746
- http://secunia.com/advisories/29420
- http://secunia.com/advisories/35302
- http://secunia.com/advisories/35386
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware
- http://sourceforge.net/mailarchive/forum.php?thread_name=47067C84.7010205%40play
- http://sourceforge.net/mailarchive/message.php?msg_name=3.0.6.32.20071005143158.Patch
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
FAQ
What is CVE-2007-5267?
CVE-2007-5267 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG ima...
How severe is CVE-2007-5267?
CVE-2007-5267 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5267?
Check the references section above for vendor advisories and patch information. Affected products include: Libpng Libpng.