CVE-2002-1363

Published: Dec 26, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

Affected (14)

Products: Greg Roelofs: Libpng

1 product

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Greg Roelofs Libpng	Version 1.0.11
Greg Roelofs Libpng	Version 1.0.12
Greg Roelofs Libpng	Version 1.0.13
Greg Roelofs Libpng	Version 1.0.14
Greg Roelofs Libpng	Version 1.0.5
Greg Roelofs Libpng	Version 1.0.6
Greg Roelofs Libpng	Version 1.0.7
Greg Roelofs Libpng	Version 1.0.8
Greg Roelofs Libpng	Version 1.0.9
Greg Roelofs Libpng	Version 1.2.0
Greg Roelofs Libpng	Version 1.2.1
Greg Roelofs Libpng	Version 1.2.2
Greg Roelofs Libpng	Version 1.2.3
Greg Roelofs Libpng	Version 1.2.4

References (28)

http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008

Source: cve@mitre.org

http://www.debian.org/security/2002/dsa-213

Source: cve@mitre.org

PatchVendor Advisory

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2003_004_libpng.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-006.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-007.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-119.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2003-157.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-249.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-402.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/6431

Source: cve@mitre.org

https://bugzilla.fedora.us/show_bug.cgi?id=1943

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/10925

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657

Source: cve@mitre.org

http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:008

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2002/dsa-213

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:063

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.novell.com/linux/security/advisories/2003_004_libpng.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-006.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-007.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-119.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2003-157.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-249.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2004-402.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/6431

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.fedora.us/show_bug.cgi?id=1943

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/10925

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3657

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.