CVE-2008-5907

Impact:
Low
Public Date:
2008-11-26
Bugzilla:
480321: CVE-2008-5907 libpng,libpng10: Zeroing value of an arbitrary memory location in utilities for writing PNG files

The MITRE CVE dictionary describes this issue as:

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

Find out more about CVE-2008-5907 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat does not consider this bug to be a security issue. For a more detailed explanation, please see the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5907

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.