CVE-2007-2445

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-2445
The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
http://docs.info.apple.com/article.html?artnum=307562
http://irrlicht.sourceforge.net/changes.txt
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://openpkg.com/go/OpenPKG-SA-2007.013
http://osvdb.org/36196
http://secunia.com/advisories/25268 Vendor Advisory
http://secunia.com/advisories/25273 Vendor Advisory
http://secunia.com/advisories/25292 Vendor Advisory
http://secunia.com/advisories/25329 Vendor Advisory
http://secunia.com/advisories/25353
http://secunia.com/advisories/25461
http://secunia.com/advisories/25554
http://secunia.com/advisories/25571
http://secunia.com/advisories/25742
http://secunia.com/advisories/25787
http://secunia.com/advisories/25867
http://secunia.com/advisories/27056
http://secunia.com/advisories/29420
http://secunia.com/advisories/30161
http://secunia.com/advisories/31168
http://secunia.com/advisories/34388
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650
http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624 Patch
http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624 Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1
http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm
http://www.coresecurity.com/?action=item&id=2148
http://www.debian.org/security/2008/dsa-1613
http://www.debian.org/security/2009/dsa-1750
http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.kb.cert.org/vuls/id/684664 Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:116
http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0356.html
http://www.securityfocus.com/archive/1/468910/100/0/threaded
http://www.securityfocus.com/archive/1/489135/100/0/threaded
http://www.securityfocus.com/bid/24000
http://www.securityfocus.com/bid/24023
http://www.securitytracker.com/id?1018078
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-472-1
http://www.vupen.com/english/advisories/2007/1838
http://www.vupen.com/english/advisories/2007/2385
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/34340
https://issues.rpath.com/browse/RPL-1381
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
http://docs.info.apple.com/article.html?artnum=307562
http://irrlicht.sourceforge.net/changes.txt
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://openpkg.com/go/OpenPKG-SA-2007.013
http://osvdb.org/36196
http://secunia.com/advisories/25268 Vendor Advisory
http://secunia.com/advisories/25273 Vendor Advisory
http://secunia.com/advisories/25292 Vendor Advisory
http://secunia.com/advisories/25329 Vendor Advisory
http://secunia.com/advisories/25353
http://secunia.com/advisories/25461
http://secunia.com/advisories/25554
http://secunia.com/advisories/25571
http://secunia.com/advisories/25742
http://secunia.com/advisories/25787
http://secunia.com/advisories/25867
http://secunia.com/advisories/27056
http://secunia.com/advisories/29420
http://secunia.com/advisories/30161
http://secunia.com/advisories/31168
http://secunia.com/advisories/34388
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650
http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624 Patch
http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624 Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1
http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm
http://www.coresecurity.com/?action=item&id=2148
http://www.debian.org/security/2008/dsa-1613
http://www.debian.org/security/2009/dsa-1750
http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
http://www.kb.cert.org/vuls/id/684664 Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2007:116
http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt Vendor Advisory
http://www.novell.com/linux/security/advisories/2007_13_sr.html
http://www.redhat.com/support/errata/RHSA-2007-0356.html
http://www.securityfocus.com/archive/1/468910/100/0/threaded
http://www.securityfocus.com/archive/1/489135/100/0/threaded
http://www.securityfocus.com/bid/24000
http://www.securityfocus.com/bid/24023
http://www.securitytracker.com/id?1018078
http://www.trustix.org/errata/2007/0019/
http://www.ubuntu.com/usn/usn-472-1
http://www.vupen.com/english/advisories/2007/1838
http://www.vupen.com/english/advisories/2007/2385
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/34340
https://issues.rpath.com/browse/RPL-1381
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
OR cpe:2.3:a:png_reference_library:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:png_reference_library:libpng:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:30

Type Values Removed Values Added
References () http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html - () http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html -
References () http://docs.info.apple.com/article.html?artnum=307562 - () http://docs.info.apple.com/article.html?artnum=307562 -
References () http://irrlicht.sourceforge.net/changes.txt - () http://irrlicht.sourceforge.net/changes.txt -
References () http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html - () http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html -
References () http://openpkg.com/go/OpenPKG-SA-2007.013 - () http://openpkg.com/go/OpenPKG-SA-2007.013 -
References () http://osvdb.org/36196 - () http://osvdb.org/36196 -
References () http://secunia.com/advisories/25268 - Vendor Advisory () http://secunia.com/advisories/25268 - Vendor Advisory
References () http://secunia.com/advisories/25273 - Vendor Advisory () http://secunia.com/advisories/25273 - Vendor Advisory
References () http://secunia.com/advisories/25292 - Vendor Advisory () http://secunia.com/advisories/25292 - Vendor Advisory
References () http://secunia.com/advisories/25329 - Vendor Advisory () http://secunia.com/advisories/25329 - Vendor Advisory
References () http://secunia.com/advisories/25353 - () http://secunia.com/advisories/25353 -
References () http://secunia.com/advisories/25461 - () http://secunia.com/advisories/25461 -
References () http://secunia.com/advisories/25554 - () http://secunia.com/advisories/25554 -
References () http://secunia.com/advisories/25571 - () http://secunia.com/advisories/25571 -
References () http://secunia.com/advisories/25742 - () http://secunia.com/advisories/25742 -
References () http://secunia.com/advisories/25787 - () http://secunia.com/advisories/25787 -
References () http://secunia.com/advisories/25867 - () http://secunia.com/advisories/25867 -
References () http://secunia.com/advisories/27056 - () http://secunia.com/advisories/27056 -
References () http://secunia.com/advisories/29420 - () http://secunia.com/advisories/29420 -
References () http://secunia.com/advisories/30161 - () http://secunia.com/advisories/30161 -
References () http://secunia.com/advisories/31168 - () http://secunia.com/advisories/31168 -
References () http://secunia.com/advisories/34388 - () http://secunia.com/advisories/34388 -
References () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650 - () http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.492650 -
References () http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624 - Patch () http://sourceforge.net/project/shownotes.php?release_id=508653&group_id=5624 - Patch
References () http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624 - Patch () http://sourceforge.net/project/shownotes.php?release_id=508656&group_id=5624 - Patch
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1 -
References () http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-66-200871-1 -
References () http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm - () http://support.avaya.com/elmodocs2/security/ASA-2007-254.htm -
References () http://www.coresecurity.com/?action=item&id=2148 - () http://www.coresecurity.com/?action=item&id=2148 -
References () http://www.debian.org/security/2008/dsa-1613 - () http://www.debian.org/security/2008/dsa-1613 -
References () http://www.debian.org/security/2009/dsa-1750 - () http://www.debian.org/security/2009/dsa-1750 -
References () http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml - () http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml -
References () http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml - () http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml -
References () http://www.kb.cert.org/vuls/id/684664 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/684664 - Third Party Advisory, US Government Resource
References () http://www.mandriva.com/security/advisories?name=MDKSA-2007:116 - () http://www.mandriva.com/security/advisories?name=MDKSA-2007:116 -
References () http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt - Vendor Advisory () http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/l/li/libpng/libpng-1.2.17-ADVISORY.txt - Vendor Advisory
References () http://www.novell.com/linux/security/advisories/2007_13_sr.html - () http://www.novell.com/linux/security/advisories/2007_13_sr.html -
References () http://www.redhat.com/support/errata/RHSA-2007-0356.html - () http://www.redhat.com/support/errata/RHSA-2007-0356.html -
References () http://www.securityfocus.com/archive/1/468910/100/0/threaded - () http://www.securityfocus.com/archive/1/468910/100/0/threaded -
References () http://www.securityfocus.com/archive/1/489135/100/0/threaded - () http://www.securityfocus.com/archive/1/489135/100/0/threaded -
References () http://www.securityfocus.com/bid/24000 - () http://www.securityfocus.com/bid/24000 -
References () http://www.securityfocus.com/bid/24023 - () http://www.securityfocus.com/bid/24023 -
References () http://www.securitytracker.com/id?1018078 - () http://www.securitytracker.com/id?1018078 -
References () http://www.trustix.org/errata/2007/0019/ - () http://www.trustix.org/errata/2007/0019/ -
References () http://www.ubuntu.com/usn/usn-472-1 - () http://www.ubuntu.com/usn/usn-472-1 -
References () http://www.vupen.com/english/advisories/2007/1838 - () http://www.vupen.com/english/advisories/2007/1838 -
References () http://www.vupen.com/english/advisories/2007/2385 - () http://www.vupen.com/english/advisories/2007/2385 -
References () http://www.vupen.com/english/advisories/2008/0924/references - () http://www.vupen.com/english/advisories/2008/0924/references -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/34340 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/34340 -
References () https://issues.rpath.com/browse/RPL-1381 - () https://issues.rpath.com/browse/RPL-1381 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10094 -
Information

Published : 2007-05-16 22:30

Updated : 2024-11-21 00:30

NVD link : CVE-2007-2445

Mitre link : CVE-2007-2445

CVE.ORG link : CVE-2007-2445

JSON object : View

Products Affected

png_reference_library

  • libpng

linux

  • linux_kernel
CWE
NVD-CWE-noinfo

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024