pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libpng | Libpng | * | * |
Libpng | Libpng | 1.2.0 | * |