Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers a buffer overflow, related to the png_do_expand_palette function, the png_do_rgb_to_gray function, and an integer underflow. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libpng PNG图像缓冲区溢出漏洞
Vulnerability Description
libpng是一个可对PNG图形文件实现创建、读写等操作的PNG参考库。 libpng 1.5.1之前的1.5.x版本中的pngrtran.c文件中存在漏洞。远程攻击者可以借助能够触发缓冲区溢出的基于调色板的特制PNG图像导致拒绝服务,或可能执行任何代码。该漏洞与png_do_expand_palette函数,png_do_rgb_to_gray函数和整数下溢有关。
CVSS Information
N/A
Vulnerability Type
N/A