CVE-2014-0333

Published: 02/27/2014 20:55:04

The png_push_read_chunk function in pngpread.c in the progressive decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an IDAT chunk with a length of zero.

MEDIUM
CVSS v2: 5

Status

DocFilters Release	Package	State	Justification	Comment
25.1	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.4	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.4.0	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.3	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.2.1	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.2	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
24.1	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
23.3	libpng (1.6.40)	Not Affected	Code Not Present	1.6.40 does not match CVE configuration.
23.2.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
23.2	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
23.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
22.4	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
22.3	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
22.2	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
22.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.11.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.11	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.8.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.8	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.5.1	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.5.0	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
21.2.0	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
11.4.20	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
11.4.19.3667	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
11.4.18.3599	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
11.4.17	libpng (1.6.37)	Not Affected	Code Not Present	1.6.37 does not match CVE configuration.
11.4.16.3445	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.15.3368	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.14.3263	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.13.3179	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.12.3054	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.11.3040	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.11.2990	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.10.2934	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.9.2878	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.
11.4.8.2822	libpng (1.6.28)	Not Affected	Code Not Present	1.6.28 does not match CVE configuration.

Severity score breakdown

References

NVD
MITRE