Skip to content

Commit b69dd47

Browse files
committed
add: AVE-2007-0001
1 parent 4cdb89c commit b69dd47

1 file changed

Lines changed: 36 additions & 17 deletions

File tree

vulns/2007/AVE-2007-0005.toml

Lines changed: 36 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,44 @@
1+
[id]
2+
ave_id = "AVE-2007-0005"
3+
cve_id = "CVE-2007-2445"
4+
aliases = ["CVE-2007-2445"]
5+
16
[basic]
2-
description = "Vulnerability identified as CVE-2007-2445. Please refer to vendor advisory for details."
3-
published = "2026-07-10"
4-
remediation = "Refer to vendor advisory and upgrade to fixed version."
5-
score = 5.0
7+
title = "libpng tRNS块CRC校验拒绝服务漏洞"
8+
description = "libpng的png_handle_tRNS函数在处理tRNS透明块时存在缺陷,未能正确校验灰度PNG图像中tRNS块的CRC校验值。远程攻击者可通过构造特制的灰度PNG图像,诱使用户或应用程序解析该图像,触发png_handle_tRNS函数中的越界访问导致应用程序崩溃,造成拒绝服务。该漏洞影响libpng 1.0.25之前及1.2.x系列1.2.17之前的所有版本,攻击无需身份验证且复杂度较低。"
69
severity = "MEDIUM"
7-
sources = ["tenable"]
8-
title = "CVE-2007-2445 vulnerability"
9-
updated = "2026-07-10"
10+
score = 5.0
11+
remediation = "升级libpng至1.0.25或1.2.17及以上版本。各Linux发行版已发布安全更新(如Debian DSA-1613、Gentoo GLSA 200705-24、Ubuntu USN-472-1等),建议用户及时安装对应补丁。"
12+
published = "2007-05-16"
13+
updated = "2026-06-16"
14+
sources = ["tenable", "nvd"]
15+
16+
[score]
17+
cvss_v2 = 5.0
18+
cvss_v2_vector = "AV:N/AC:L/Au:N/C:N/I:N/A:P"
19+
20+
[affected]
21+
vendor = "libpng"
22+
product = "libpng"
23+
24+
[references]
25+
nvd = "https://nvd.nist.gov/vuln/detail/CVE-2007-2445"
26+
other = [
27+
"http://www.libpng.org/pub/png/libpng.html",
28+
"http://sourceforge.net/project/shownotes.php?release_id=508653",
29+
"http://www.redhat.com/support/errata/RHSA-2007-0356.html",
30+
"http://www.debian.org/security/2008/dsa-1613",
31+
"http://www.gentoo.org/security/en/glsa/glsa-200705-24.xml",
32+
"http://www.ubuntu.com/usn/usn-472-1",
33+
"http://secunia.com/advisories/25268",
34+
"http://www.securityfocus.com/bid/24000",
35+
"https://exchange.xforce.ibmcloud.com/vulnerabilities/34340",
36+
]
1037

1138
[exploit]
12-
exp_urls = []
1339
poc_urls = []
14-
15-
[id]
16-
aliases = ["CVE-2007-2445"]
17-
ave_id = "AVE-2007-0005"
18-
cve_id = "CVE-2007-2445"
40+
exp_urls = []
1941

2042
[meta]
21-
collected_at = "2026-07-10T19:14:40.038763253+00:00"
43+
collected_at = "2026-07-11T00:00:00Z"
2244
status = "completed"
23-
24-
[references]
25-
urls = []

0 commit comments

Comments
 (0)