DSA-2287-1 libpng -- severalID: oval:org.secpod.oval:def:600598 | Date: (C)2011-07-29 (M)2023-11-09 |
Class: PATCH | Family: unix |
The PNG library libpng has been affected by several vulnerabilities. The most critical one is the identified as CVE-2011-2690. Using this vulnerability, an attacker is able to overwrite memory with an arbitrary amount of data controlled by her via a crafted PNG image. The other vulnerabilities are less critical and allow an attacker to cause a crash in the program via a crafted PNG image.
Platform: |
Debian 5.0 |
Debian 6.0 |
Product: |
libpng-sixlegs-java |