CVE-2007-5266

Impact:
Moderate
Public Date:
2007-09-11
Bugzilla:
324711: CVE-2007-5266 libpng DoS / crash in png_set_iCCP

The MITRE CVE dictionary describes this issue as:

Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated.

Find out more about CVE-2007-5266 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. This issue did not affect the versions of libpng and libpng10 as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.