CVE-2009-2042

CVE-2009-2042 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.

Learn more about our Web Application Penetration Testing UK.