CVE-2007-5268

N/A Unknown
Published: October 08, 2007 Modified: April 23, 2026
View on NVD

Description

pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 use (1) logical instead of bitwise operations and (2) incorrect comparisons, which might allow remote attackers to cause a denial of service (crash) via a crafted PNG image.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
Source: cve@mitre.org
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195261
Source: cve@mitre.org
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=307562
Source: cve@mitre.org
Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Source: cve@mitre.org
Mailing List Third Party Advisory
http://secunia.com/advisories/27093
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27284
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27405
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27529
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27629
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/27746
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/29420
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/30161
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/30430
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/35302
Source: cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/35386
Source: cve@mitre.org
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
Source: cve@mitre.org
Third Party Advisory
http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement
Source: cve@mitre.org
Patch Third Party Advisory
http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com
Source: cve@mitre.org
Third Party Advisory
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com
Source: cve@mitre.org
Patch Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
Source: cve@mitre.org
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
Source: cve@mitre.org
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
Source: cve@mitre.org
Third Party Advisory
http://www.coresecurity.com/?action=item&id=2148
Source: cve@mitre.org
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
Source: cve@mitre.org
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Source: cve@mitre.org
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:217
Source: cve@mitre.org
Third Party Advisory
http://www.securityfocus.com/archive/1/483582/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/489135/100/0/threaded
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25956
Source: cve@mitre.org
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-538-1
Source: cve@mitre.org
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
Source: cve@mitre.org
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/3390
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0924/references
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1697
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1462
Source: cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1560
Source: cve@mitre.org
Third Party Advisory
https://issues.rpath.com/browse/RPL-1814
Source: cve@mitre.org
Broken Link
http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=195261
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://docs.info.apple.com/article.html?artnum=307562
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Third Party Advisory
http://secunia.com/advisories/27093
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27284
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27405
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27529
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27629
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/27746
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/29420
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/30161
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/30430
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/35302
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/35386
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sourceforge.net/mailarchive/forum.php?thread_name=3.0.6.32.20071004082318.012a7628%40mail.comcast.net&forum_name=png-mng-implement
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
http://sourceforge.net/mailarchive/message.php?msg_name=5122753600C3E94F87FBDFFCC090D1FF0400EBC5%40MERCMBX07.na.sas.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.coresecurity.com/?action=item&id=2148
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:217
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/archive/1/483582/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/489135/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/25956
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/usn-538-1
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
http://www.vupen.com/english/advisories/2007/3390
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2008/0924/references
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1697
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1462
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1560
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://issues.rpath.com/browse/RPL-1814
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

76 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
3.1%
86th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

canonical libpng