CVE-2007-2445

Publication date 16 May 2007

Last updated 24 July 2024


Ubuntu priority

The png_handle_tRNS function in pngrutil.c in libpng before 1.0.25 and 1.2.x before 1.2.17 allows remote attackers to cause a denial of service (application crash) via a grayscale PNG image with a bad tRNS chunk CRC value.

Status

Package Ubuntu Release Status
libpng 7.04 feisty
Fixed 1.2.15~beta5-1ubuntu1
6.10 edgy
Fixed 1.2.8rel-5.1ubuntu0.2
6.06 LTS dapper
Fixed 1.2.8rel-5ubuntu0.2

References

Related Ubuntu Security Notices (USN)

    • USN-472-1
    • libpng vulnerability
    • 12 June 2007

Other references