kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Document multiple vulnerabilities in optipng.

Browse source 
PR:		216955
Submitted by:   Thomas Hurst <tom@hur.st> (affected port maintainer)
This commit is contained in:
Guido Falsi 2017-02-16 21:40:34 +00:00
parent b3db121977
commit 1c47a68e82
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=434256
1 changed files with 36 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
security/vuxml/vuln.xml
View file

@ -58,6 +58,42 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="8fedf75c-ef2f-11e6-900e-003048f78448">
<topic>optipng -- multiple vulnerabilities</topic>
<affects>
<package>
<name>optipng</name>
<range><lt>0.7.6</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7802">
<p>ifread.c in gif2png, as used in OptiPNG before 0.7.6, allows remote attackers to cause a denial of service (uninitialized memory read) via a crafted GIF file.</p>
</blockquote>
<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2191">
<p>The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (invalid memory write and crash) via a series of delta escapes in a crafted BMP image.</p>
</blockquote>
<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3981">
<p>Heap-based buffer overflow in the bmp_read_rows function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file.</p>
</blockquote>
<blockquote cite="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3982">
<p>Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service (out-of-bounds read or write access and crash) or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow.</p>
</blockquote>
</body>
</description>
<references>
<cvename>CVE-2015-7802</cvename>
<cvename>CVE-2016-2191</cvename>
<cvename>CVE-2016-3981</cvename>
<cvename>CVE-2016-3982</cvename>
</references>
<dates>
<discovery>2015-10-09</discovery>
<entry>2017-02-16</entry>
</dates>
</vuln>
<vuln vid="1a802ba9-f444-11e6-9940-b499baebfeaf">
<topic>openssl -- crash on handshake</topic>
<affects>