FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

optipng -- use-after-free vulnerability

Affected packages
0.7 <= optipng < 0.7.4


VuXML ID a8818f7f-9182-11e2-9bdf-d48564727302
Discovery 2012-09-16
Entry 2013-03-21

Secunia reports:

A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a use-after-free error related to the palette reduction functionality. No further information is currently available.

Success exploitation may allow execution of arbitrary code.


CVE Name CVE-2012-4432