mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
818 B
818 B
CVE-2013-6954
Description
The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via (1) a PLTE chunk of zero bytes or (2) a NULL palette, related to pngrtran.c and pngset.c.
POC
Reference
- http://www-01.ibm.com/support/docview.wss?uid=swg21672080
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
Github
No PoCs found on GitHub currently.