Vulnerability Description
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT (png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read operations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libpng | Libpng | <= 1.2.20 |
Related Weaknesses (CWE)
References
- http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-releas
- http://bugs.gentoo.org/show_bug.cgi?id=195261
- http://docs.info.apple.com/article.html?artnum=307562
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html
- http://lists.vmware.com/pipermail/security-announce/2008/000008.html
- http://secunia.com/advisories/27093Vendor Advisory
- http://secunia.com/advisories/27284
- http://secunia.com/advisories/27369
- http://secunia.com/advisories/27391
- http://secunia.com/advisories/27405
- http://secunia.com/advisories/27492
- http://secunia.com/advisories/27529
- http://secunia.com/advisories/27629
FAQ
What is CVE-2007-5269?
CVE-2007-5269 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (...
How severe is CVE-2007-5269?
CVE-2007-5269 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5269?
Check the references section above for vendor advisories and patch information. Affected products include: Libpng Libpng.