Security Advisory

CVE-2013-6954

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2014-01-12 15:00:00

Last updated 2025-06-10 13:18:13

Assigner certcc

State PUBLISHED

Description

The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.

← Browse all CVEs View on cve.org ↗