FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pngcrush -- libpng Uninitialised Pointer Arrays Vulnerability

Affected packages
pngcrush < 1.6.14

Details

VuXML ID ea2411a4-08e8-11de-b88a-0022157515b2
Discovery 2009-02-19
Entry 2009-03-04

Secunia reports:

A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to the use of vulnerable libpng code.

References

Bugtraq ID 33827
CVE Name CVE-2009-0040
URL http://secunia.com/advisories/33976
URL http://xforce.iss.net/xforce/xfdb/48819