CVE-2016-10087

Published: 1/30/2017 Last updated: 8/6/2024 Reserved: 12/30/2016

The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (4)

conf-gd conf-libpng grib qrencode

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 2.6.34

References (16)

https://security.gentoo.org/glsa/201701-74
https://usn.ubuntu.com/3712-1/
http://www.openwall.com/lists/oss-security/2016/12/30/4
http://www.securityfocus.com/bid/95157
https://usn.ubuntu.com/3712-2/
http://www.openwall.com/lists/oss-security/2016/12/29/2
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://security.gentoo.org/glsa/201701-74
https://usn.ubuntu.com/3712-1/
http://www.openwall.com/lists/oss-security/2016/12/30/4
http://www.securityfocus.com/bid/95157
https://usn.ubuntu.com/3712-2/
http://www.openwall.com/lists/oss-security/2016/12/29/2
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E