2
Candidate: CVE-2006-5793
4
https://usn.ubuntu.com/usn/usn-383-1
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
7
The sPLT chunk handling code (png_set_sPLT function in pngset.c) in libpng
8
1.0.6 through 1.2.12 uses a sizeof operator on the wrong data type, which
9
allows context-dependent attackers to cause a denial of service (crash) via
10
malformed sPLT chunks that trigger an out-of-bounds read.
14
dapper_libpng: released (1.2.8rel-5ubuntu0.2)
15
edgy_libpng: released (1.2.8rel-5.1ubuntu0.2)
16
feisty_libpng: released (1.2.15~beta5-1ubuntu1)
17
devel_libpng: released (1.2.15~beta5-2)