CVE-2016-2191

Name of the Vulnerable Software and Affected Versions OptiPNG versions prior to 0.7.6

Description The issue allows remote attackers to cause a denial of service, resulting in an invalid memory write and crash. This is achieved through a series of delta escapes in a crafted BMP image, specifically targeting the bmp read rows function in pnxtern/pngxrbmp.c.

Recommendations For versions prior to 0.7.6, update to version 0.7.6 or later to resolve the issue. As a temporary workaround, consider restricting the processing of BMP images from untrusted sources until the update is applied.