CVE-2008-3964

Impact:
Moderate
Public Date:
2008-09-05
CWE:
CWE-193
Bugzilla:
461599: CVE-2008-3964 libpng: off-by-one error in png_push_read_zTXt()

The MITRE CVE dictionary describes this issue as:

Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.

Find out more about CVE-2008-3964 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Not vulnerable. These issues did not affect the versions of libpng as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.