FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

optipng -- use-after-free vulnerability

Affected packages
0.7 <= optipng < 0.7.4

Details

VuXML ID a8818f7f-9182-11e2-9bdf-d48564727302
Discovery 2012-09-16
Entry 2013-03-21

Secunia reports:

A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.

The vulnerability is caused due to a use-after-free error related to the palette reduction functionality. No further information is currently available.

Success exploitation may allow execution of arbitrary code.

[source]

References

CVE Name CVE-2012-4432
URL https://secunia.com/advisories/50654

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.