{"id":"UBUNTU-CVE-2016-10087","details":"The png_set_text_2 function in libpng 0.71 before 1.0.67, 1.2.x before 1.2.57, 1.4.x before 1.4.20, 1.5.x before 1.5.28, and 1.6.x before 1.6.27 allows context-dependent attackers to cause a NULL pointer dereference via vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure.","modified":"2026-02-12T19:19:41.880212Z","published":"2017-01-30T00:00:00Z","related":["USN-3712-1","USN-3712-2"],"upstream":["CVE-2016-10087"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2016-10087"},{"type":"REPORT","url":"https://sourceforge.net/p/libpng/code/ci/243d4e5f3fe71740d52a53cf3dd77cc83a3430ba"},{"type":"REPORT","url":"https://sourceforge.net/p/libpng/code/ci/812768d7a9c973452222d454634496b25ed415eb"},{"type":"REPORT","url":"https://sourceforge.net/p/libpng/code/ci/794a15fad6add4d636369d0b46f603a02995b2e2/"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2016/12/30/4"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3712-1"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3712-2"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2016-10087"}],"affected":[{"package":{"name":"libpng","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/libpng@1.2.50-1ubuntu2.14.04.3?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.50-1ubuntu2.14.04.3"}]}],"versions":["1.2.49-4ubuntu1","1.2.49-5ubuntu1","1.2.50-1ubuntu1","1.2.50-1ubuntu2","1.2.50-1ubuntu2.14.04.1","1.2.50-1ubuntu2.14.04.2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.2.50-1ubuntu2.14.04.3","binary_name":"libpng12-0"},{"binary_version":"1.2.50-1ubuntu2.14.04.3","binary_name":"libpng12-dev"},{"binary_version":"1.2.50-1ubuntu2.14.04.3","binary_name":"libpng3"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-10087.json"}},{"package":{"name":"libpng","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/libpng@1.2.54-1ubuntu1.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.54-1ubuntu1.1"}]}],"versions":["1.2.51-0ubuntu3","1.2.54-1","1.2.54-1ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.2.54-1ubuntu1.1","binary_name":"libpng12-0"},{"binary_version":"1.2.54-1ubuntu1.1","binary_name":"libpng12-dev"},{"binary_version":"1.2.54-1ubuntu1.1","binary_name":"libpng3"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-10087.json"}},{"package":{"name":"libpng1.6","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/libpng1.6@1.6.20-2ubuntu0.1~esm3?arch=source&distro=esm-apps/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.6.20-2","1.6.20-2ubuntu0.1~esm1","1.6.20-2ubuntu0.1~esm2","1.6.20-2ubuntu0.1~esm3"],"ecosystem_specific":{"binaries":[{"binary_version":"1.6.20-2ubuntu0.1~esm3","binary_name":"libpng16-16"},{"binary_version":"1.6.20-2ubuntu0.1~esm3","binary_name":"libpng16-dev"},{"binary_version":"1.6.20-2ubuntu0.1~esm3","binary_name":"libpng16-devtools"},{"binary_version":"1.6.20-2ubuntu0.1~esm3","binary_name":"libpng16-tools"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-10087.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}