PT-2009-3363 · Optipng · Optipng

Marcus Meissner · Published 2009-03-02 · Updated 2024-02-02 · CVE-2009-0749

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: OptiPNG versions 0.6.2 and earlier
Description: Use-after-free in the GIFReadNextExtension function of OptiPNG's GIF reader (lib/pngxtern/gif/gifread.c). While reading a GIF extension block the function grows a buffer with realloc and then keeps using a pointer into the old allocation; when realloc returns a new address that pointer is dangling, and the subsequent accesses read and write freed memory. A crafted GIF image triggers the condition, causing at least a denial of service (application crash) and, per the CVE record and the complete C/I/A impact in the CVSS vector above, possibly arbitrary code execution. OptiPNG only reaches this code when asked to convert a GIF input, so exploitation requires a user or service to run an affected version on an attacker-supplied GIF file.
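The realloc-then-stale-pointer pattern the description refers to, shown as an added example that is not OptiPNG's own code: a minimal reader for GIF extension sub-blocks (the 0x21 introducer, a label byte, then length-prefixed data sub-blocks ending in a zero-length block), written first in the vulnerable shape, where a write cursor into the growing buffer survives realloc, and then in a hardened shape that keeps only a byte offset and re-derives every address from the current buffer. The function and struct names, the sample input and the initial buffer size are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input for this example (not a real exploit file):
 * a GIF comment extension, i.e. the 0x21 introducer, the 0xFE label,
 * then length-prefixed data sub-blocks ending with a zero-length block. */
static const unsigned char SAMPLE_EXT[] = {
    0x21, 0xFE,
    0x05, 'H', 'e', 'l', 'l', 'o',
    0x01, ' ',
    0x05, 'W', 'o', 'r', 'l', 'd',
    0x00
};

struct gif_ext {
    unsigned char label;  /* 0xFE comment, 0xF9 graphic control, 0xFF application, 0x01 plain text */
    unsigned char *data;  /* concatenated sub-block payload, owned by the caller */
    size_t len;
};

/* VULNERABLE PATTERN, kept for contrast and never called below. A write
 * cursor into the growing buffer is kept across realloc(); once realloc()
 * moves the block the cursor dangles and memcpy() writes into freed memory.
 * This is the bug class the advisory describes, not OptiPNG's actual code. */
int gif_read_extension_stale(const unsigned char *in, size_t in_len, struct gif_ext *out)
{
    const unsigned char *p = in, *end = in + in_len;
    unsigned char *buf = NULL, *cursor = NULL;
    size_t cap = 0, len = 0;

    if (in_len < 2 || p[0] != 0x21) return -1;
    out->label = p[1];
    p += 2;
    while (p < end) {
        size_t n = *p++;
        if (n == 0) { out->data = buf; out->len = len; return 0; }
        if ((size_t)(end - p) < n) { free(buf); return -1; }
        if (len + n > cap) {
            cap = cap ? cap * 2 : 8;
            unsigned char *grown = realloc(buf, cap);
            if (grown == NULL) { free(buf); return -1; }
            if (buf == NULL) cursor = grown;  /* first allocation: cursor is valid */
            buf = grown;                      /* later growth: cursor still points into the freed block */
        }
        memcpy(cursor, p, n);                 /* use after free once realloc() moved the buffer */
        cursor += n;
        len += n;
        p += n;
    }
    free(buf);
    return -1;
}

/* Hardened reader: only the byte offset `len` survives across realloc(),
 * every write address is recomputed from the current `buf`, and the
 * realloc() result goes through a temporary so a failure does not leak.
 * Returns 0 on success, -1 on malformed, truncated or unterminated input
 * or on allocation failure; on failure *out holds no allocation. */
int gif_read_extension_safe(const unsigned char *in, size_t in_len, struct gif_ext *out)
{
    const unsigned char *p = in, *end = in + in_len;
    unsigned char *buf = NULL;
    size_t cap = 0, len = 0;

    if (in_len < 2 || p[0] != 0x21) return -1;
    out->label = p[1];
    p += 2;
    while (p < end) {
        size_t n = *p++;
        if (n == 0) {                         /* zero-length block terminates the extension */
            out->data = buf;
            out->len = len;
            return 0;
        }
        if ((size_t)(end - p) < n) break;     /* sub-block claims more bytes than remain */
        if (len + n > cap) {
            size_t new_cap = cap ? cap * 2 : 8;
            while (new_cap < len + n) new_cap *= 2;
            unsigned char *grown = realloc(buf, new_cap);
            if (grown == NULL) break;
            buf = grown;
            cap = new_cap;
        }
        memcpy(buf + len, p, n);              /* address derived from the current buffer */
        len += n;
        p += n;
    }
    free(buf);                                /* truncated, unterminated, or out of memory */
    out->data = NULL;
    out->len = 0;
    return -1;
}

int main(void)
{
    struct gif_ext e;
    if (gif_read_extension_safe(SAMPLE_EXT, sizeof SAMPLE_EXT, &e) != 0) return 1;
    printf("label 0x%02X, %zu payload bytes: %.*s\n", e.label, e.len, (int)e.len, e.data);
    free(e.data);
    return 0;
}
```

The hardened reader also rejects an extension whose final sub-block runs past the end of the input and one that lacks the zero-length terminator, which are the two truncation shapes a fuzzer will produce first for this format.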
Recommendations: Update OptiPNG to a release later than 0.6.2 (the fix shipped in 0.6.2.1). Until the update is applied, do not process untrusted GIF input with an affected version: restrict the files handed to optipng to formats that do not pass through the GIF reader, and run any conversion of attacker-supplied files in a sandboxed or unprivileged environment so that a crash or memory corruption in the converter cannot affect the surrounding system.

Fix: update OptiPNG to a release later than 0.6.2.

Weakness Enumeration: Use After Free (CWE-416)

Related Identifiers: CVE-2009-0749

Affected Products: Optipng