CVE-2006-5793 — Improper Input Validation in Roelofs Libpng

CWE-20 — Improper Input Validation9 documents6 sources

Severity

2.6LOWNVD

EPSS

2.3%

top 15.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Greg Roelofs Libpng

Timeline

PublishedNov 17

Latest updateMay 1

Description

The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDgreg_roelofs/libpng18 versions+17

Patches

Patch: bugs.gentoo.org ↗Patch: bugs.gentoo.org ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-gp79-46cf-7pmq: The sPLT chunk handling code (png_set_sPLT function in pngset↗2022-05-01

▶

CVEList

CVE-2006-5793: The sPLT chunk handling code (png_set_sPLT function in pngset↗2006-11-17

▶

📋Vendor Advisories

Ubuntu

libpng vulnerability↗2006-11-17

▶

Red Hat

libpng DoS↗2006-11-14

▶

💬Community

Bugzilla

CVE-2006-5793 libpng DoS↗2007-06-04

▶

Bugzilla

CVE-2006-5793 libpng, libpng10 DoS↗2006-11-21

▶

Bugzilla

CVE-2006-5793: libpng10 < 1.0.21 DoS vulnerability↗2006-11-18

▶

Bugzilla

CVE-2006-5793 libpng DoS↗2006-11-13

▶