|
|
Subscribe / Log in / New account

optipng: code execution

Package(s):optipng CVE #(s):CVE-2012-4432
Created:October 11, 2012 Updated:April 8, 2014
Description:

From the SUSE Bugzilla entry:

A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a use-after-free error related to the palette reduction functionality. No further information is currently available.

Success exploitation may allow execution of arbitrary code.

Alerts:
Gentoo 201404-03 optipng 2014-04-08
openSUSE openSUSE-SU-2012:1329-1 optipng 2012-10-11
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds