The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Off-by-one error in the png_formatted_warning function in pngerror.c in libpng 1.5.4 through 1.5.7 might allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified vectors, which trigger a stack-based buffer overflow.
|62645||Fedora 17 : mingw-libpng-1.5.13-1.fc17 (2012-15613)||Nessus||Fedora Local Security Checks|
|62486||Fedora 18 : mingw-libpng-1.5.13-1.fc18 (2012-15592)||Nessus||Fedora Local Security Checks|
|59668||GLSA-201206-15 : libpng: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|