← Voltar para CVEs

CVE-2017-12652

CRITICAL

9.8

Descricao

libpng before 1.6.32 does not properly check the length of chunks against the user limit.

Detalhes CVE

Pontuacao CVSS v3.19.8

SeveridadeCRITICAL

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado7/10/2019

Ultima modificacao6/9/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

libpng:libpngnetapp:active_iq_unified_manager

Fraquezas (CWE)

CWE-20CWE-20

Referencias

http://www.securityfocus.com/bid/109269(cve@mitre.org)

https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE(cve@mitre.org)

https://github.com/pnggroup/libpng/commit/347538efbdc21b8df684ebd92d37400b3ce85d55(cve@mitre.org)

https://security.netapp.com/advisory/ntap-20220506-0003/(cve@mitre.org)

https://support.f5.com/csp/article/K88124225(cve@mitre.org)

https://support.f5.com/csp/article/K88124225?utm_source=f5support&utm_medium=RSS(cve@mitre.org)

http://www.securityfocus.com/bid/109269(af854a3a-2127-422b-91ae-364da2661108)

https://github.com/glennrp/libpng/blob/df7e9dae0c4aac63d55361e35709c864fa1b8363/ANNOUNCE(af854a3a-2127-422b-91ae-364da2661108)

https://security.netapp.com/advisory/ntap-20220506-0003/(af854a3a-2127-422b-91ae-364da2661108)

https://support.f5.com/csp/article/K88124225(af854a3a-2127-422b-91ae-364da2661108)

https://support.f5.com/csp/article/K88124225?utm_source=f5support&amp%3Butm_medium=RSS(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.