Stack-based buffer overflow in png_formatted_warning in pngerror.c in libpng 1.5.4 through 1.5.7 allows remote attackers to cause a denial of service and potentially execute arbitrary code.

Stack-based buffer overflow in png_formatted_warning in pngerror.c in libpng 1.5.4 through 1.5.7 allows remote attackers to cause a denial of service and potentially execute arbitrary code.

CVE-2011-3464 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow.

Learn more about our Web Application Penetration Testing UK.