• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

LibPNG Incorrect Offset Calculation Buffer Overflow Vulnerability

The libpng graphics library may incorrectly calculate some offsets when creating or modifying PNG files. This vulnerability has been reported when manipulating 16-bit samples from libpng.

Update: Further analysis by various vendors has revealed other occurrences of this issue. Fixes are available from various vendors.