Greg Roelofs

greg_roelofs

12 CVEs • 3 products

Products (3)

Click to collapse

Toggle

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2011-3328 1Greg Roelofs 1Libpng Apr 29, 2026 Jan 17, 2012 N/A· v4 N/A· v3 2.6 LOW· v2 The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG...Show more The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.Show less
CVE-2006-5793 1Greg Roelofs 1Libpng Apr 23, 2026 Nov 17, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash)...Show more The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng 1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which allows context-dependent attackers to cause a denial of service (crash) via malformed sPLT chunks that trigger an out-of-bounds read.Show less
CVE-2006-3334 1Greg Roelofs 1Libpng Apr 16, 2026 Jun 30, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors relat...Show more Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name".Show less
CVE-2006-0481 1Greg Roelofs 1Libpng Apr 16, 2026 Jan 31, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out o...Show more Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.Show less
CVE-2005-3662 1Greg Roelofs 1Pnmtopng Apr 16, 2026 Nov 18, 2005 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM...Show more Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors.Show less
CVE-2004-0599 1Greg Roelofs 1Libpng Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cau...Show more Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.Show less
CVE-2004-0598 1Greg Roelofs 1Libpng Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
CVE-2004-0597 2Greg Roelofs Microsoft 6Libpng Msn MessengerWindows 98se+3 more Apr 16, 2026 Nov 23, 2004 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly v...Show more Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.Show less
CVE-2004-0768 1Greg Roelofs 1Libpng3 Apr 16, 2026 Oct 20, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2002-1363 1Greg Roelofs 1Libpng Apr 16, 2026 Dec 26, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer o...Show more Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.Show less
CVE-2002-0728 1Greg Roelofs 1Libpng Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the...Show more Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.Show less
CVE-2002-0660 1Greg Roelofs 2Libpng Libpng3 Apr 16, 2026 Aug 12, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a diffe...Show more Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-0728.Show less