Bugzilla – Bug 1102846
VUL-0: CVE-2018-14550: libpng,libpng12,libpng15,libpng12-0,libpng16: Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token()
Last modified: 2018-07-31 14:53:54 UTC
Stack-based buffer overflow in contrib/pngminus/pnm2png.c:get_token() function in libpng was found, possibly leading to arbitrary code execution when processing untrusted input.
Acording to upstream, the issue lies directly in pnm2png.c:
However, we do not distribute pnm2png at all. Please dispute in case of doubts.