CVE-2010-1519

Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF function, leading to heap-based buffer overflows.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
flexeraCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
glpngglpng
1.45
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libglpng
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
ignored
maverick
ignored
lucid
ignored
karmic
ignored
jaunty
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/40354
http://secunia.com/secunia_research/2010-87/
http://www.mandriva.com/security/advisories?name=MDVSA-2010:179
http://www.securityfocus.com/archive/1/513022/100/0/threaded
http://secunia.com/advisories/40354
http://secunia.com/secunia_research/2010-87/
http://www.mandriva.com/security/advisories?name=MDVSA-2010:179
http://www.securityfocus.com/archive/1/513022/100/0/threaded