Candidate: CVE-2009-0749
PublicDate: 2009-03-02 20:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0749
Description:
 Use-after-free vulnerability in the GIFReadNextExtension function in
 lib/pngxtern/gif/gifread.c in OptiPNG 0.6.2 and earlier allows
 context-dependent attackers to cause a denial of service (application
 crash) via a crafted GIF image that causes the realloc function to return a
 new pointer, which triggers memory corruption when the old pointer is
 accessed.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/optipng/+bug/297440
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_optipng:
upstream_optipng: released (0.6.2.1-1)
dapper_optipng: DNE
gutsy_optipng: needed (reached end-of-life)
hardy_optipng: ignored (reached end-of-life)
intrepid_optipng: needed (reached end-of-life)
jaunty_optipng: not-affected (0.6.2.1-1)
karmic_optipng: not-affected (0.6.2.1-1)
lucid_optipng: not-affected (0.6.2.1-1)
maverick_optipng: not-affected (0.6.2.1-1)
natty_optipng: not-affected (0.6.2.1-1)
oneiric_optipng: not-affected (0.6.2.1-1)
devel_optipng: not-affected (0.6.2.1-1)