CVE-2016-10087
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2016-10087
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10087.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2016-10087
- Related
- Published
- 2017-01-30T22:59:00Z
- Modified
- 2025-02-19T02:09:45.545393Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
The pngsettext_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.
- References
-
- http://www.securityfocus.com/bid/95157
- https://security.gentoo.org/glsa/201701-74
- http://www.openwall.com/lists/oss-security/2016/12/29/2
- http://www.openwall.com/lists/oss-security/2016/12/30/4
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://usn.ubuntu.com/3712-1/
- https://usn.ubuntu.com/3712-2/
- https://security-tracker.debian.org/tracker/CVE-2016-10087
Affected packages
Debian:11 / libpng1.6
Package
- Name
- libpng1.6
- Purl
- pkg:deb/debian/libpng1.6?arch=source
Debian:12 / libpng1.6
Package
- Name
- libpng1.6
- Purl
- pkg:deb/debian/libpng1.6?arch=source
Debian:13 / libpng1.6
Package
- Name
- libpng1.6
- Purl
- pkg:deb/debian/libpng1.6?arch=source
Git / github.com/clearlinux-pkgs/libpng
Affected ranges
- Type
- GIT
- Repo
- https://github.com/clearlinux-pkgs/libpng
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affected
- Type
- GIT
- Repo
- https://github.com/glennrp/libpng
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
Affected versions
1.*
1.6.18-12
1.6.19-13
1.6.19-14
1.6.20-15
1.6.20-16
1.6.21-17
1.6.21-18
1.6.21-19
1.6.22-20
1.6.23-21
1.6.24-22
v0.*
v0.71
v0.81
v0.82
v0.85
v0.86
v0.87
v0.88
v0.89
v0.89c
v0.90
v0.96
v0.97
v0.97a
v0.97c
v0.98
v0.99
v0.99a
v0.99c
v0.99d
v0.99e
v0.99i
v0.99j
v0.99k
v0.99m
v0.99n
v0.99p
v1.*
v1.0.0
v1.0.0a
v1.0.0b
v1.0.1
v1.0.10
v1.0.10beta1
v1.0.10rc1
v1.0.11
v1.0.11beta1
v1.0.11beta2
v1.0.11beta3
v1.0.11rc1
v1.0.12beta1
v1.0.13
v1.0.14
v1.0.15
v1.0.15rc1
v1.0.15rc2
v1.0.15rc3
v1.0.16
v1.0.17
v1.0.18
v1.0.19
v1.0.19rc1
v1.0.19rc2
v1.0.19rc5
v1.0.1a
v1.0.1b
v1.0.1c
v1.0.1d
v1.0.1e
v1.0.2
v1.0.20
v1.0.21
v1.0.21rc1
v1.0.21rc2
v1.0.22
v1.0.22rc1
v1.0.23
v1.0.23rc1
v1.0.23rc2
v1.0.23rc3
v1.0.23rc4
v1.0.23rc5
v1.0.24
v1.0.24rc1
v1.0.25
v1.0.25rc1
v1.0.25rc2
v1.0.26
v1.0.27
v1.0.27rc1
v1.0.27rc2
v1.0.27rc3
v1.0.27rc4
v1.0.27rc5
v1.0.27rc6
v1.0.2a
v1.0.2b
v1.0.3
v1.0.4
v1.0.4-pre1
v1.0.4-pre2
v1.0.4-pre3
v1.0.4c
v1.0.4d
v1.0.4d2
v1.0.4e
v1.0.4f
v1.0.5
v1.0.5-pre1
v1.0.5a
v1.0.5c
v1.0.5d
v1.0.5h
v1.0.5q
v1.0.5s
v1.0.6
v1.0.6a
v1.0.6d
v1.0.6e
v1.0.6f
v1.0.6g
v1.0.6h
v1.0.6i
v1.0.6j
v1.0.7
v1.0.7beta11
v1.0.7beta12
v1.0.7beta13
v1.0.7beta14
v1.0.7beta15
v1.0.7beta16
v1.0.7beta17
v1.0.7beta18
v1.0.7rc1
v1.0.7rc2
v1.0.8
v1.0.8beta1
v1.0.8beta2
v1.0.8beta3
v1.0.8beta4
v1.0.8rc1
v1.0.9
v1.0.9beta1
v1.0.9beta10
v1.0.9beta2
v1.0.9beta3
v1.0.9beta4
v1.0.9beta5
v1.0.9beta6
v1.0.9beta7
v1.0.9beta8
v1.0.9beta9
v1.0.9rc1
v1.0.9rc2
v1.00