CVE-2016-3982

Priority
Description
Off-by-one error in the bmp_rle4_fread function in pngxrbmp.c in OptiPNG
before 0.7.6 allows remote attackers to cause a denial of service
(out-of-bounds read or write access and crash) or possibly execute
arbitrary code via a crafted image file, which triggers a heap-based buffer
overflow.
Assigned-to
mdeslaur
Notes
tyhicksverified that 14.04 through 15.10 are affected via valgrind and
the reproducer from bugs.fi
Package
Upstream:released (0.7.6-1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [0.6.4-1ubuntu0.14.04.1])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (0.7.6-1)
More Information

Updated: 2019-12-05 18:45:02 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)