CVE

Id
57675  
CVE No.
CVE-2012-4432  
Status
Candidate  
Description
Use-after-free vulnerability in opngreduc.c in OptiPNG Hg and 0.7.x before 0.7.3 might allow remote attackers to execute arbitrary code via unspecified vectors related to "palette reduction."  
Phase
Assigned (20120821)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
594725 57675 CVE-2012-4432 MLIST:[oss-security] 20120917 CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability  View
594726 57675 CVE-2012-4432 URL:http://www.openwall.com/lists/oss-security/2012/09/17/5  View
594727 57675 CVE-2012-4432 MLIST:[oss-security] 20120917 Re: CVE request: OptiPNG Palette Reduction Use-After-Free Vulnerability  View
594728 57675 CVE-2012-4432 URL:http://www.openwall.com/lists/oss-security/2012/09/18/2  View
594729 57675 CVE-2012-4432 CONFIRM:http://optipng.hg.sourceforge.net/hgweb/optipng/optipng/rev/f1d5d44670a2  View
594730 57675 CVE-2012-4432 CONFIRM:http://optipng.sourceforge.net/  View
594731 57675 CVE-2012-4432 CONFIRM:http://sourceforge.net/news/?group_id=151404  View
594732 57675 CVE-2012-4432 BID:55566  View
594733 57675 CVE-2012-4432 URL:http://www.securityfocus.com/bid/55566  View
594734 57675 CVE-2012-4432 SECUNIA:50654  View
594735 57675 CVE-2012-4432 URL:http://secunia.com/advisories/50654  View
594736 57675 CVE-2012-4432 XF:optipng-palette-code-execution(78743)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
25272 JVNDB-2012-000094 Smarty におけるクロスサイトスクリプティングの脆弱性 Smarty には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-4437 57675 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000094.html  View
28955 JVNDB-2012-004662 Smarty の SmartyException クラスにおけるクロスサイトスクリプティングの脆弱性 Smarty の SmartyException クラスには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-4437 57675 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004662.html  View