2009-07-05 18:30:00 2018-10-10 21:39:32

Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Dillo Dillo 0.8.4 (not an official CPE) Dillo Dillo 0.8.3 (not an official CPE) Dillo Dillo 0.8.2 (not an official CPE) Dillo Dillo 0.8.1 (not an official CPE) Dillo Dillo 0.8 (not an official CPE) Dillo Dillo 0.7.3 (not an official CPE) Dillo Dillo 0.7.2 (not an official CPE) Dillo Dillo 0.7.1.2 (not an official CPE) Dillo Dillo 0.7.1 (not an official CPE) Dillo Dillo 0.7 (not an official CPE) Dillo Dillo 0.6.6 (not an official CPE) Dillo Dillo 0.6.5 (not an official CPE) Dillo Dillo 0.6.4 (not an official CPE) Dillo Dillo 0.6.3 (not an official CPE) Dillo Dillo 0.6.2 (not an official CPE) Dillo Dillo 0.6.1 (not an official CPE) Dillo Dillo 0.6 (not an official CPE) Dillo Dillo 0.5.1 (not an official CPE) Dillo Dillo 0.5.0 (not an official CPE) Dillo Dillo 0.4 (not an official CPE) Dillo Dillo 0.3.2 (not an official CPE) Dillo Dillo 0.3.1 (not an official CPE) Dillo Dillo 0.3 (not an official CPE) Dillo Dillo 0.2.4 (not an official CPE) Dillo Dillo 0.2.3 (not an official CPE) Dillo Dillo 0.2.2 (not an official CPE) Dillo Dillo 0.2.1 (not an official CPE) Dillo Dillo 0.2 (not an official CPE) Dillo Dillo 0.1.0 (not an official CPE) Dillo Dillo 0.0.43 (not an official CPE) Dillo Dillo 0.0.42 (not an official CPE) Dillo Dillo 0.0.6 (not an official CPE) Dillo Dillo 0.0.5 (not an official CPE) Dillo Dillo 0.0.4 (not an official CPE) Dillo Dillo 0.0.3 (not an official CPE) Dillo Dillo 0.0.2 (not an official CPE) Dillo Dillo 0.0.1 (not an official CPE) Dillo Dillo 0.0.0 (not an official CPE) Dillo Dillo 0.8.5 Pre-dw-design1 (not an official CPE) Dillo Dillo 0.8.5 Pre-dw-design2 (not an official CPE) Dillo Dillo 0.8.5 Pre-dw-design3 (not an official CPE) Dillo Dillo 0.8.6 (not an official CPE) Dillo Dillo 2.1 (not an official CPE)