CVE-2014-9495
Published: 10 January 2015
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
Notes
Author | Note |
---|---|
mdeslaur | only 1.5.x and 1.6.x |