CVE-2016-10087

Source
Severity Low
Remote Yes
Type Denial of service
Description
A NULL-pointer dereference issue has been found in png_set_text_2() in libpng. To be vulnerable, an application has to load a text chunk into the png structure, then delete all text, then add another text chunk to the same png structure.
Group Package Affected Fixed Severity Status Ticket
AVG-122 libpng12 1.2.56-4 1.2.57-1 Low Fixed
AVG-121 lib32-libpng12 1.2.56-4 1.2.57-1 Low Fixed
AVG-120 lib32-libpng 1.6.26-1 1.6.27-1 Low Fixed
AVG-119 libpng 1.6.26-2 1.6.27-1 Low Fixed
Date Advisory Group Package Severity Description
02 Jan 2017 ASA-201701-6 AVG-121 lib32-libpng12 Low denial of service
02 Jan 2017 ASA-201701-5 AVG-120 lib32-libpng Low denial of service
02 Jan 2017 ASA-201701-4 AVG-122 libpng12 Low denial of service
01 Jan 2017 ASA-201701-2 AVG-119 libpng Low denial of service
References
http://seclists.org/oss-sec/2016/q4/782
Notes
Fixed in 1.6.27 and 1.2.57
https://sourceforge.net/p/libpng/code/ci/243d4e5f3fe71740d52a53cf3dd77cc83a3430ba
https://sourceforge.net/p/libpng/code/ci/812768d7a9c973452222d454634496b25ed415eb (libpng16)
https://sourceforge.net/p/libpng/code/ci/794a15fad6add4d636369d0b46f603a02995b2e2 (libpng12)