Your submission was sent successfully! Close

CVE-2012-4432

Published: 01 October 2012

Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction."

Priority

Medium

Status

Package Release Status
optipng
Launchpad, Ubuntu, Debian
Upstream
Released (0.7.3)
Patches:
Upstream: http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2

Notes

AuthorNote
jdstrand
per upstream, introduced in 0.7

References