Cute Png
CVE-2024-46263
HIGH
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h.
AnalysisAI
cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. cute_png v1.05 was discovered to contain a stack overflow via the cp_dynamic() function at cute_png.h. Affected products include: Randygaul Cute Png.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h. Rated high se
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h. Rated high s
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h. Rated high se
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_find() function at cute_png.h. Rated high sev
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h. Rated high s
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_unfilter() function at cute_png.h. Rated high
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h. Rated
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today