Skip to main content

NULL Pointer Dereference


Severity High
Score 7.5/10


The png_set_text_2 function in libpng before 1.0.67, 1.2.x before 1.2.57, 1.3.0 before 1.4.20, 1.5.x before 1.5.28,1.6.x before 1.6.27 and 1.7.x before 1.7.0beta86 allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.

  • LOW
  • NONE
  • NONE
  • NONE
  • NONE
  • HIGH

CWE-476 - NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Advisory Timeline

  • Published