PT-2019-16620 · Libming+1 · Libming+1

Cool-Tomato

Published

2019-01-02

Updated

2021-07-21

CVE-2019-3572

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions libming version 0.4.8

Description An issue was discovered in the writePNG function within the dbl2png command-line program, specifically in the file util/dbl2png.c. This issue involves a heap-based buffer over-read. Due to an erroneous call to png write row in libpng, there is a potential for an out-of-bounds write to occur under certain memory layouts.

Recommendations For libming version 0.4.8, at the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

CVE-2019-3572

Affected Products

Libming

Libpng

PT-2019-16620 · Libming+1 · Libming+1

CVE-2019-3572

Weakness Enumeration

Related Identifiers

Affected Products

References · 6