CVE-2002-1363

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-1363
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008
http://www.debian.org/security/2002/dsa-213 Patch Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063
http://www.novell.com/linux/security/advisories/2003_004_libpng.html
http://www.redhat.com/support/errata/RHSA-2003-006.html
http://www.redhat.com/support/errata/RHSA-2003-007.html
http://www.redhat.com/support/errata/RHSA-2003-119.html
http://www.redhat.com/support/errata/RHSA-2003-157.html
http://www.redhat.com/support/errata/RHSA-2004-249.html
http://www.redhat.com/support/errata/RHSA-2004-402.html
http://www.securityfocus.com/bid/6431
https://bugzilla.fedora.us/show_bug.cgi?id=1943
https://exchange.xforce.ibmcloud.com/vulnerabilities/10925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008
http://www.debian.org/security/2002/dsa-213 Patch Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063
http://www.novell.com/linux/security/advisories/2003_004_libpng.html
http://www.redhat.com/support/errata/RHSA-2003-006.html
http://www.redhat.com/support/errata/RHSA-2003-007.html
http://www.redhat.com/support/errata/RHSA-2003-119.html
http://www.redhat.com/support/errata/RHSA-2003-157.html
http://www.redhat.com/support/errata/RHSA-2004-249.html
http://www.redhat.com/support/errata/RHSA-2004-402.html
http://www.securityfocus.com/bid/6431
https://bugzilla.fedora.us/show_bug.cgi?id=1943
https://exchange.xforce.ibmcloud.com/vulnerabilities/10925
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:greg_roelofs:libpng:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:greg_roelofs:libpng:1.2.4:*:*:*:*:*:*:*
History

20 Nov 2024, 23:41

Type Values Removed Values Added
References () http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008 - () http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008 -
References () http://www.debian.org/security/2002/dsa-213 - Patch, Vendor Advisory () http://www.debian.org/security/2002/dsa-213 - Patch, Vendor Advisory
References () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063 - () http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063 -
References () http://www.novell.com/linux/security/advisories/2003_004_libpng.html - () http://www.novell.com/linux/security/advisories/2003_004_libpng.html -
References () http://www.redhat.com/support/errata/RHSA-2003-006.html - () http://www.redhat.com/support/errata/RHSA-2003-006.html -
References () http://www.redhat.com/support/errata/RHSA-2003-007.html - () http://www.redhat.com/support/errata/RHSA-2003-007.html -
References () http://www.redhat.com/support/errata/RHSA-2003-119.html - () http://www.redhat.com/support/errata/RHSA-2003-119.html -
References () http://www.redhat.com/support/errata/RHSA-2003-157.html - () http://www.redhat.com/support/errata/RHSA-2003-157.html -
References () http://www.redhat.com/support/errata/RHSA-2004-249.html - () http://www.redhat.com/support/errata/RHSA-2004-249.html -
References () http://www.redhat.com/support/errata/RHSA-2004-402.html - () http://www.redhat.com/support/errata/RHSA-2004-402.html -
References () http://www.securityfocus.com/bid/6431 - () http://www.securityfocus.com/bid/6431 -
References () https://bugzilla.fedora.us/show_bug.cgi?id=1943 - () https://bugzilla.fedora.us/show_bug.cgi?id=1943 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/10925 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/10925 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657 -
Information

Published : 2002-12-26 05:00

Updated : 2024-11-20 23:41

NVD link : CVE-2002-1363

Mitre link : CVE-2002-1363

CVE.ORG link : CVE-2002-1363

JSON object : View

Products Affected

greg_roelofs

  • libpng
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024