CVE-2006-3334

Name of the Vulnerable Software and Affected Versions: libpng versions prior to 1.2.12

Description: The issue concerns multiple vulnerabilities in the libpng package, which can be exploited remotely. This exploitation may lead to a breach of confidentiality, integrity, and availability of protected information. Specifically, a buffer overflow in the png decompress chunk function allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the chunk name.

Recommendations: For libpng versions prior to 1.2.12, update to version 1.2.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the png decompress chunk function until a patch is available.