A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).

A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to an off-by-one error within the "png_push_read_zTXt()" function in pngread.c when processing malicious PNG images with specially crafted zTXt chunks, which can be exploited to crash an application using the library.

The vulnerability was reportedly introduced in version 1.2.30beta04 and is reported in version 1.2.31. Other versions may also be affected.

Note: An off-by-one error in pngtest.c was also fixed.

Fixed in version 1.2.32beta01.