CVE-2007-5268 (GCVE-0-2007-5268)
Vulnerability from cvelistv5
Published
2007-10-08 21:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T15:24:42.435Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1814", }, { name: "MDKSA-2007:217", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217", }, { name: "35386", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35386", }, { name: "27093", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27093", }, { name: "1020521", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1", }, { name: "ADV-2009-1560", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1560", }, { name: "ADV-2009-1462", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1462", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=195261", }, { name: "27529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27529", }, { name: "27405", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27405", }, { name: "27746", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27746", }, { name: "ADV-2007-3390", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/3390", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.coresecurity.com/?action=item&id=2148", }, { name: "259989", tags: [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1", }, { name: "35302", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35302", }, { name: "[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement", }, { name: "ADV-2008-0924", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "TA08-150A", tags: [ "third-party-advisory", "x_refsource_CERT", "x_transferred", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "25956", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/25956", }, { name: "29420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29420", }, { name: "APPLE-SA-2008-03-18", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "27284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27284", }, { name: "30430", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30430", }, { name: "USN-538-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/usn-538-1", }, { name: "APPLE-SA-2008-05-28", tags: [ "vendor-advisory", "x_refsource_APPLE", "x_transferred", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", }, { name: "30161", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30161", }, { name: "GLSA-200805-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml", }, { name: "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "GLSA-200711-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml", }, { name: "[png-mng-implement] 20070911 FW: Compiler warnings for pngrtran.c", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com", }, { name: "ADV-2008-1697", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "SSA:2007-325-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", "x_transferred", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323", }, { name: "20071112 FLEA-2007-0065-1 libpng", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/483582/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", }, { name: "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/489135/100/0/threaded", }, { name: "27629", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27629", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-10-08T00:00:00", descriptions: [ { lang: "en", value: "pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1814", }, { name: "MDKSA-2007:217", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217", }, { name: "35386", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35386", }, { name: "27093", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27093", }, { name: "1020521", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1", }, { name: "ADV-2009-1560", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1560", }, { name: "ADV-2009-1462", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1462", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=195261", }, { name: "27529", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27529", }, { name: "27405", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27405", }, { name: "27746", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27746", }, { name: "ADV-2007-3390", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/3390", }, { tags: [ "x_refsource_MISC", ], url: "http://www.coresecurity.com/?action=item&id=2148", }, { name: "259989", tags: [ "vendor-advisory", "x_refsource_SUNALERT", ], url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1", }, { name: "35302", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35302", }, { name: "[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement", }, { name: "ADV-2008-0924", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "TA08-150A", tags: [ "third-party-advisory", "x_refsource_CERT", ], url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "25956", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/25956", }, { name: "29420", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29420", }, { name: "APPLE-SA-2008-03-18", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "27284", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27284", }, { name: "30430", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30430", }, { name: "USN-538-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/usn-538-1", }, { name: "APPLE-SA-2008-05-28", tags: [ "vendor-advisory", "x_refsource_APPLE", ], url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", }, { name: "30161", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30161", }, { name: "GLSA-200805-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml", }, { name: "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "GLSA-200711-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml", }, { name: "[png-mng-implement] 20070911 FW: Compiler warnings for pngrtran.c", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com", }, { name: "ADV-2008-1697", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "SSA:2007-325-01", tags: [ "vendor-advisory", "x_refsource_SLACKWARE", ], url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323", }, { name: "20071112 FLEA-2007-0065-1 libpng", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/483582/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", }, { name: "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/489135/100/0/threaded", }, { name: "27629", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27629", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-5268", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://issues.rpath.com/browse/RPL-1814", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1814", }, { name: "MDKSA-2007:217", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDKSA-2007:217", }, { name: "35386", refsource: "SECUNIA", url: "http://secunia.com/advisories/35386", }, { name: "27093", refsource: "SECUNIA", url: "http://secunia.com/advisories/27093", }, { name: "1020521", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1", }, { name: "ADV-2009-1560", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1560", }, { name: "ADV-2009-1462", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1462", }, { name: "http://bugs.gentoo.org/show_bug.cgi?id=195261", refsource: "CONFIRM", url: "http://bugs.gentoo.org/show_bug.cgi?id=195261", }, { name: "27529", refsource: "SECUNIA", url: "http://secunia.com/advisories/27529", }, { name: "27405", refsource: "SECUNIA", url: "http://secunia.com/advisories/27405", }, { name: "27746", refsource: "SECUNIA", url: "http://secunia.com/advisories/27746", }, { name: "ADV-2007-3390", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/3390", }, { name: "http://www.coresecurity.com/?action=item&id=2148", refsource: "MISC", url: "http://www.coresecurity.com/?action=item&id=2148", }, { name: "259989", refsource: "SUNALERT", url: "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1", }, { name: "35302", refsource: "SECUNIA", url: "http://secunia.com/advisories/35302", }, { name: "[png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released", refsource: "MLIST", url: "http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement", }, { name: "ADV-2008-0924", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0924/references", }, { name: "TA08-150A", refsource: "CERT", url: "http://www.us-cert.gov/cas/techalerts/TA08-150A.html", }, { name: "25956", refsource: "BID", url: "http://www.securityfocus.com/bid/25956", }, { name: "29420", refsource: "SECUNIA", url: "http://secunia.com/advisories/29420", }, { name: "APPLE-SA-2008-03-18", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html", }, { name: "27284", refsource: "SECUNIA", url: "http://secunia.com/advisories/27284", }, { name: "30430", refsource: "SECUNIA", url: "http://secunia.com/advisories/30430", }, { name: "USN-538-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/usn-538-1", }, { name: "APPLE-SA-2008-05-28", refsource: "APPLE", url: "http://lists.apple.com/archives/security-announce/2008//May/msg00001.html", }, { name: "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", refsource: "CONFIRM", url: "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", }, { name: "30161", refsource: "SECUNIA", url: "http://secunia.com/advisories/30161", }, { name: "GLSA-200805-07", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml", }, { name: "[png-mng-implement] 20070914 libpng-1.0.29beta1 and libpng-1.2.21beta1", refsource: "MLIST", url: "http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com", }, { name: "http://docs.info.apple.com/article.html?artnum=307562", refsource: "CONFIRM", url: "http://docs.info.apple.com/article.html?artnum=307562", }, { name: "GLSA-200711-08", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml", }, { name: "[png-mng-implement] 20070911 FW: Compiler warnings for pngrtran.c", refsource: "MLIST", url: "http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com", }, { name: "ADV-2008-1697", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1697", }, { name: "SSA:2007-325-01", refsource: "SLACKWARE", url: "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323", }, { name: "20071112 FLEA-2007-0065-1 libpng", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/483582/100/0/threaded", }, { name: "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", refsource: "CONFIRM", url: "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", }, { name: "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/489135/100/0/threaded", }, { name: "27629", refsource: "SECUNIA", url: "http://secunia.com/advisories/27629", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-5268", datePublished: "2007-10-08T21:00:00", dateReserved: "2007-10-08T00:00:00", dateUpdated: "2024-08-07T15:24:42.435Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.29\", \"matchCriteriaId\": \"62BE52C6-6754-426A-894E-30900436A362\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.2.0\", \"versionEndExcluding\": \"1.2.21\", \"matchCriteriaId\": \"33EB15A8-33D5-4F15-A08B-C5586D53155F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"23E304C9-F780-4358-A58D-1E4C93977704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6EBDAFF8-DE44-4E80-B6BD-E341F767F501\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"823BF8BE-2309-4F67-A5E2-EAD98F723468\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.\"}, {\"lang\": \"es\", \"value\": \"pngrtran.c en libpng anterior a 1.0.29 y 1.2.x anterior a 1.2.21 utiliza (1) operaciones l\\u00f3gicas en vez de operaci\\u00f3n sobre bits y (2) comparaciones incorrectas, lo cual podr\\u00eda permitir a atacantes remotos provocar una denegaci\\u00f3n de servicio (ca\\u00edda) mediante una imagen PNG manipulada artesanalmente.\"}]", id: "CVE-2007-5268", lastModified: "2024-11-21T00:37:31.623", metrics: "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2007-10-08T21:17:00.000", references: "[{\"url\": \"http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=195261\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307562\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27093\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27284\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27405\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27529\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27629\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27746\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29420\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30161\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30430\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35302\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35386\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.coresecurity.com/?action=item&id=2148\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:217\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/483582/100/0/threaded\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/489135/100/0/threaded\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/25956\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-538-1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3390\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0924/references\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1697\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1462\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1560\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1814\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://bugs.gentoo.org/show_bug.cgi?id=195261\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://docs.info.apple.com/article.html?artnum=307562\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27093\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27284\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27405\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27529\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27629\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/27746\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/29420\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30161\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/30430\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35302\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://secunia.com/advisories/35386\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.coresecurity.com/?action=item&id=2148\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDKSA-2007:217\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/483582/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/489135/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/25956\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.ubuntu.com/usn/usn-538-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/3390\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0924/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1697\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1462\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2009/1560\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://issues.rpath.com/browse/RPL-1814\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]", sourceIdentifier: "cve@mitre.org", vendorComments: "[{\"organization\": \"Red Hat\", \"comment\": \"Not vulnerable. This issue did not affect the versions of libpng and libpng10 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\", \"lastModified\": \"2007-10-16T00:00:00\"}]", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2007-5268\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-10-08T21:17:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.\"},{\"lang\":\"es\",\"value\":\"pngrtran.c en libpng anterior a 1.0.29 y 1.2.x anterior a 1.2.21 utiliza (1) operaciones lógicas en vez de operación sobre bits y (2) comparaciones incorrectas, lo cual podría permitir a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipulada artesanalmente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.29\",\"matchCriteriaId\":\"62BE52C6-6754-426A-894E-30900436A362\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.2.0\",\"versionEndExcluding\":\"1.2.21\",\"matchCriteriaId\":\"33EB15A8-33D5-4F15-A08B-C5586D53155F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"5C18C3CD-969B-4AA3-AE3A-BA4A188F8BFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"23E304C9-F780-4358-A58D-1E4C93977704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6EBDAFF8-DE44-4E80-B6BD-E341F767F501\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"823BF8BE-2309-4F67-A5E2-EAD98F723468\"}]}]}],\"references\":[{\"url\":\"http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=195261\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27093\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27284\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27405\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27529\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27629\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27746\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30161\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30430\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35302\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35386\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.coresecurity.com/?action=item&id=2148\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:217\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/483582/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/489135/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/25956\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-538-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3390\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1697\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1462\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1560\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1814\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://bugs.gentoo.org/show_bug.cgi?id=195261\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=307562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008//May/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27093\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27284\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27405\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27529\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/27746\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/29420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30161\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/30430\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35302\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/35386\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.coresecurity.com/?action=item&id=2148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2007:217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/483582/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/archive/1/489135/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/25956\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-538-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-150A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/3390\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0924/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/1697\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1462\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2009/1560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://issues.rpath.com/browse/RPL-1814\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}],\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Not vulnerable. This issue did not affect the versions of libpng and libpng10 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.\",\"lastModified\":\"2007-10-16T00:00:00\"}]}}", }, }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.