Heap-based buffer overflow in the png_combine_row...
High severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jan 10, 2015
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Jan 27, 2023
Heap-based buffer overflow in the png_combine_row function in libpng before 1.5.21 and 1.6.x before 1.6.16, when running on 64-bit systems, might allow context-dependent attackers to execute arbitrary code via a "very wide interlaced" PNG image.
References