Description
CVE-2010-2249 - Medium Severity Vulnerability
Vulnerable Library - libpngv1.2.2
mirror of git://git.code.sf.net/p/libpng/code (mirror of the official repository)
Library home page: https://api.github.com/repos/miningathome/libpng
Found in HEAD commit: d97880ba89bf1993a666df0811aabe9d2311719e
Library Source Files (4)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
- /forever/pngrutil.c
- /forever/pngrio.c
- /forever/pngset.c
- /forever/pngrtran.c
Vulnerability Details
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
Publish Date: 2010-06-30
URL: CVE-2010-2249
CVSS 2 Score Details (5.0)
Base Score Metrics not available
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2010-2249
Release Date: 2010-06-30
Fix Resolution: 1.2.44,1.4.3
Step up your Open Source Security Game with WhiteSource here