CVE-2016-2191

Priority
Description
The bmp_read_rows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6
allows remote attackers to cause a denial of service (invalid memory write
and crash) via a series of delta escapes in a crafted BMP image.
Assigned-to
mdeslaur
Notes
Package
Upstream:released (0.7.6)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [0.6.4-1ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (0.7.6-1)
More Information

Updated: 2019-12-05 18:44:26 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)