& 实现人生的价值知识点 & “（24分）阅读下列材料，结合所学知识回答...”习题详情
0位同学学习过此题，做题成功率0%
（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资本1000万元，国有股占100%注册资本40000万元，国家股4%,境内法人股56.01%,个人股14.99%,外资25%1999年国家股2.73%,境内法人股33.14%,个人股8.87%,境内上市外资股10.5%,外资法人14.8%,公众股30.32%2013年境内各种法人股60.14%（其中国家股东2.37%），境内上市外资股5.24%,公众股34.62%。注：随着投资主体多元化、公司治理结构的完善，这家从1993年艰难起家、主营单一的企业，在2013年成长为总资产近3600亿元、年收入逾1200亿元的多元化大型企业集团。材料二：改革是极其复杂的系统工程，现在中国的改革已经进入深水区，当改革打响攻坚战，注定充满荆棘。但改革是为了人民，关乎国家的命运、民族的前途，我们深信，对于那些埋头苦干的人，对那些真正的改革者，没有比人更高的山，也没有比脚更长的路。（1）从所有制角度看，该企业属于什么类型的经济？结合材料一，说明国家鼓励发展该类型经济对完善我国经济制度的意义。（10分）（2）结合材料二，运用发展观的有关知识，简述改革注定充满荆棘。（8分）（3）结合材料二，运用价值判断和价值选择的有关知识，为改革者加油鼓劲。（6分）&
本题难度：较难
题型：解答题&|&来源：2014-浙江省重点中学协作体第一次适应性测试政治试卷
分析与解答
习题“（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资...”的分析与解答如下所示：
（1）本题有两小问。首先要求考生判断材料中的公司属于什么性质的企业。通过材料可以发现，该公司的构成成分是“境内各种法人股60.14%（其中国家股东2.37%），境内上市外资股5.24%,公众股34.62%”，因此该公司是混合所有制经济。第二小问要求考生分析说明国家鼓励发展该类型经济对完善我国经济制度的意义，属于意义类的解答题。考生在分析说明时，首先要明确的是该类型企业就是混合所有制经济；其次要明确是对我国经济制度的意义。考生可以从巩固公有制的的主体地位、从发挥非公有制经济的作用、从完善我国的基本经济制度、完善我国的分配制度、完善社会主义市场经济体制的角度进行说明即可。（2）本题要求考生结合材料二，简述改革注定充满荆棘。考生在回答本题时，要注意两个问题：一是本题设问的知识限定是“运用发展观的有关知识”；二是要明确改革充满荆棘的意思是道路是曲折的。因此考生只要教材知识把握的较好，很容易从新事物的发展道路为什么是曲折的角度继续努力分析说明。（3）本题要求考生结合材料二，为改革者加油鼓劲。考生在分析时，要注意两个问题：一是本题设问的知识限定是“运用价值判断和价值选择的有关知识”，其次要明确为改革者加油鼓劲的内涵是什么，应该是说明改革是正确。考生从作出正确的价值判断和价值选择的标准的角度进行说明即可。
找到答案了，赞一个
如发现试题中存在任何错误，请及时纠错告诉我们，谢谢你的支持！
（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化198...
错误类型：
习题内容残缺不全
习题有文字标点错误
习题内容结构混乱
习题对应知识点不正确
分析解答残缺不全
分析解答有文字标点错误
分析解答结构混乱
习题类型错误
错误详情：
我的名号（最多30个字）：
看完解答，记得给个难度评级哦！
经过分析，习题“（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资...”主要考察你对“实现人生的价值”
等考点的理解。
因为篇幅有限，只列出部分考点，详细请访问。
实现人生的价值
与“（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资...”相似的题目：
2014感动中国十大人物刘盛兰，从他73岁开始通过捡破烂资助着一批批困难学生， 17年来他几乎未尝肉味，没添过一件新衣，“吝啬”得连一个馒头都舍不得买，可捐资助学总计7万多元，资助了100多个学生。这意味着①人生价值要在个人与社会的统一中实现②实现人生价值需要辨别是非，把握机遇③人是价值的创造者，也是价值的享受者④社会提供的客观条件是人们实现人生价值的前提①②②③①③②④
危险瞬间，本可以躲开逃生的女教师张丽莉奋不顾身去救学生，自己却被卷入车轮下，造成双腿粉碎性骨折，高位截肢。张丽莉的事迹迅速传遍全国各地，她的伤情也牵动着人们的心，人们通过各种方式为这位“最美女教师”祈祷、祝福。材料表明①价值观作为一种社会意识，对人们的行为具有重要的驱动、制约和导向作用②价值判断是价值选择的基础，要树立正确的价值观，做出正确的价值选择③价值判断和价值选择具有社会历史性特征，往往会因人而异④个人对社会的贡献只有得到了群众的肯定才有意义②④①②②③①④
近年来涌现的许多下岗职工再就业的典型事例告诉我们，下岗并不可怕，只要我们转变观念，顽强奋斗，发挥聪明才智，同样也能实现人生价值。这主要说明&&&&个人的发展总要受到社会条件的制约人生价值的实现必须立足于自己的本职工作人生价值的实现需要发挥主观能动性只要思想观念转变了，人生价值就能实现
“（24分）阅读下列材料，结合所学知识回答...”的最新评论
该知识点好题
该知识点易错题
欢迎来到乐乐题库，查看习题“（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资本1000万元，国有股占100%注册资本40000万元，国家股4%,境内法人股56.01%,个人股14.99%,外资25%1999年国家股2.73%,境内法人股33.14%,个人股8.87%,境内上市外资股10.5%,外资法人14.8%,公众股30.32%2013年境内各种法人股60.14%（其中国家股东2.37%），境内上市外资股5.24%,公众股34.62%。注：随着投资主体多元化、公司治理结构的完善，这家从1993年艰难起家、主营单一的企业，在2013年成长为总资产近3600亿元、年收入逾1200亿元的多元化大型企业集团。材料二：改革是极其复杂的系统工程，现在中国的改革已经进入深水区，当改革打响攻坚战，注定充满荆棘。但改革是为了人民，关乎国家的命运、民族的前途，我们深信，对于那些埋头苦干的人，对那些真正的改革者，没有比人更高的山，也没有比脚更长的路。（1）从所有制角度看，该企业属于什么类型的经济？结合材料一，说明国家鼓励发展该类型经济对完善我国经济制度的意义。（10分）（2）结合材料二，运用发展观的有关知识，简述改革注定充满荆棘。（8分）（3）结合材料二，运用价值判断和价值选择的有关知识，为改革者加油鼓劲。（6分）”的答案、考点梳理，并查找与习题“（24分）阅读下列材料，结合所学知识回答问题。材料一：十八届三中全会《决定》提出，要鼓励非公有制企业参与国有企业改革，鼓励发展非公有资本控股的混合所有制企业。表一：某公司发展过程中资本结构的变化1989年注册资本1000万元，国有股占100%注册资本40000万元，国家股4%,境内法人股56.01%,个人股14.99%,外资25%1999年国家股2.73%,境内法人股33.14%,个人股8.87%,境内上市外资股10.5%,外资法人14.8%,公众股30.32%2013年境内各种法人股60.14%（其中国家股东2.37%），境内上市外资股5.24%,公众股34.62%。注：随着投资主体多元化、公司治理结构的完善，这家从1993年艰难起家、主营单一的企业，在2013年成长为总资产近3600亿元、年收入逾1200亿元的多元化大型企业集团。材料二：改革是极其复杂的系统工程，现在中国的改革已经进入深水区，当改革打响攻坚战，注定充满荆棘。但改革是为了人民，关乎国家的命运、民族的前途，我们深信，对于那些埋头苦干的人，对那些真正的改革者，没有比人更高的山，也没有比脚更长的路。（1）从所有制角度看，该企业属于什么类型的经济？结合材料一，说明国家鼓励发展该类型经济对完善我国经济制度的意义。（10分）（2）结合材料二，运用发展观的有关知识，简述改革注定充满荆棘。（8分）（3）结合材料二，运用价值判断和价值选择的有关知识，为改革者加油鼓劲。（6分）”相似的习题。& 3、向小康生活迈进的期待知识点 & “（二）由于向市场经济的转型以及社会价值观...”习题详情
250位同学学习过此题，做题成功率88.0%
（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意”，24.8%的人表示“比较愿意”，两者累计，表示肯定态度的人数达到81.5%。通过比较也发现，非独生子女比独生子女具有更强的经济独立意识。大学生希望经济自立的意识也较强，愿意打工的比例最高，高中生居中，初中生最低。调查还发现，有44.3%的青少年“正在攒钱”或“准备攒钱”，27.2%的人“以前攒过，现在不攒了”，只有15.9%的人“从来没攒过钱”，还有12.6%的人“没有钱可攒”。【小题1】概括每个文段内容的要点：（1）第一段：&&&&（2）第二段：&&&&（3）第三段：&&&&【小题2】第二段文字采用了什么方法？请具体解释。【小题3】第三段文字在说明时采用了什么方法，采用这种方法的好处是什么？（当前）青少年的经济自立意识正在增强。（2）非独生子女、大学生的经济自立意识较强。（3）较多的青少年正在为经济的自立做准备。&
本题难度：一般
题型：解答题&|&来源：2013-粤教版高中语文必修五《向小康社会迈进的期待》练习题
分析与解答
习题“（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意...”的分析与解答如下所示：
【小题1】试题分析：对前两段的概括，可以看作是考查语段压缩的能力；对后一段的概括，可以看作是考查语言转换的能力。
对文段的概括首先要读懂原文，在此基础上概括。【小题2】试题分析：通过文段原句“非独生子女比独生”可以看出是分类比较。考点：本题考查文段所运用的方法。点评：此题要清楚文章的写作手法，其次根据每个写法的特点进行判断。【小题3】试题分析：44.3%、27.2%、15.9%等可看出是列数字的说明方法。这种说明方法使事物更可信。考点：本题考查文段所运用的方法。点评：此题要清楚文章的写作手法，其次根据每个写法的特点进行判断。
找到答案了，赞一个
如发现试题中存在任何错误，请及时纠错告诉我们，谢谢你的支持！
（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示...
错误类型：
习题内容残缺不全
习题有文字标点错误
习题内容结构混乱
习题对应知识点不正确
分析解答残缺不全
分析解答有文字标点错误
分析解答结构混乱
习题类型错误
错误详情：
我的名号（最多30个字）：
看完解答，记得给个难度评级哦！
经过分析，习题“（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意...”主要考察你对“3、向小康生活迈进的期待”
等考点的理解。
因为篇幅有限，只列出部分考点，详细请访问。
3、向小康生活迈进的期待
与“（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意...”相似的题目：
在横线处填入的短语，最恰当的一项是&&&&新加坡发现一种能飞的树蛇，它飞行时不仅形态奇异，而且会出于不同目的来变换姿势，有时活像在空中表演高难度动作的杂技演员。它起飞时①。飞行中身体呈“S”形，以控制方向。准备落地时，②。落地前几秒钟则开始滑行，确保平稳。上述发现已经载入最新一期的《自然》杂志。②为减慢速度，头部开始下沉，翼肋停止旋转①身体呈“J”形，动作十分轻松优美 ②为减慢速度，头部开始下沉，翼肋停止旋转①动作十分轻松优美，身体呈“J”形 ②头部开始下沉，翼肋停止旋转，来减慢速度①身体呈“J”形，利用尾部抓住树枝作为动力 ②头部开始下沉，翼肋停止旋转，来减慢速度①利用尾部抓住树枝作为动力，身体呈“J”形
阅读下面一首宋诗，回答后面的问题。乡 思李觏人言落日是天涯，望极天涯不见家。已恨碧山相阻隔，碧山还被暮云遮。钱钟书说：“诗歌里有三种写法：一、天涯虽远，而想望中的人更远；二、想望中的人物虽近，却比天涯还远；三、想望中的人虽远，却近在比邻。”（1）这首诗属于第&&&&种写法。（2）简要分析作者是如何着眼空间距离来抒写思乡之情的。&&&&
依次填入下文空格处的词语，最恰当的一组是 网吧在取得安全合格证之前，必须在电脑上安装安全管理软件，封堵有害信息网站等。电脑进入非允许范围内的网站，安全管理软件会同时发出警报。但事实上，许多网吧在定期对电脑进行清理时，经常要重做系统，安全管理软件往往嫌麻烦不被重装。从而 如果 由于 甚至以便 由于 假若 而从而 由于 假若 甚至以便 如果 由于 而
“（二）由于向市场经济的转型以及社会价值观...”的最新评论
该知识点好题
该知识点易错题
欢迎来到乐乐题库，查看习题“（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意”，24.8%的人表示“比较愿意”，两者累计，表示肯定态度的人数达到81.5%。通过比较也发现，非独生子女比独生子女具有更强的经济独立意识。大学生希望经济自立的意识也较强，愿意打工的比例最高，高中生居中，初中生最低。调查还发现，有44.3%的青少年“正在攒钱”或“准备攒钱”，27.2%的人“以前攒过，现在不攒了”，只有15.9%的人“从来没攒过钱”，还有12.6%的人“没有钱可攒”。【小题1】概括每个文段内容的要点：（1）第一段：____（2）第二段：____（3）第三段：____【小题2】第二段文字采用了什么方法？请具体解释。【小题3】第三段文字在说明时采用了什么方法，采用这种方法的好处是什么？”的答案、考点梳理，并查找与习题“（二）由于向市场经济的转型以及社会价值观念的变化，当前青少年的经济自立意识也在逐步增强。对于“如果有机会，您是否愿意通过打工挣点钱，补贴家用甚至养活自己”这一问题，有五成以上的青少年（56.7%）表示“非常愿意”，24.8%的人表示“比较愿意”，两者累计，表示肯定态度的人数达到81.5%。通过比较也发现，非独生子女比独生子女具有更强的经济独立意识。大学生希望经济自立的意识也较强，愿意打工的比例最高，高中生居中，初中生最低。调查还发现，有44.3%的青少年“正在攒钱”或“准备攒钱”，27.2%的人“以前攒过，现在不攒了”，只有15.9%的人“从来没攒过钱”，还有12.6%的人“没有钱可攒”。【小题1】概括每个文段内容的要点：（1）第一段：____（2）第二段：____（3）第三段：____【小题2】第二段文字采用了什么方法？请具体解释。【小题3】第三段文字在说明时采用了什么方法，采用这种方法的好处是什么？”相似的习题。libpng is the official PNG reference library.
It supports almost
all PNG features, is extensible, and has been extensively tested for
over 20 years.
The home site for development versions (i.e., may be
buggy or subject to change or include experimental features) is , and
the place to go for questions about the library is the
mailing list.
libpng is available as ANSI C (C89) source code and requires zlib 1.0.4
or later (1.2.5 or later recommended for performance and security
The current public release, libpng 1.6.32, fixes a possible
NULL-pointer dereference in png_handle_eXIf() (newly added in
1.6.31) and a memory leak in the same when returning with an error.
It also includes numerous other small fixes and improvements.
Vulnerability Warning
libpng version 1.6.31 added png_handle_eXIf(), which has a
null-pointer-dereference bug as well as a potential memory leak.
as the function has existed for only four weeks and the chunk itself for
only six, it's unlikely there are any applications affected by it at this
time, but they might come into existence in the future.
The vulnerability is fixed in version 1.6.32,
released on 24&August 2017.
Portability Note
The libpng 1.5.x, 1.6.x, and upcoming 1.7.x series continue the evolution of the
libpng API, finally hiding the contents of the venerable
and hoary png_struct and png_info
data structures inside private (i.e., non-installed) header
Instead of direct struct-access, applications should be
using the various png_get_xxx() and png_set_xxx()
accessor functions, which have existed for almost as long as libpng
The portability notice should not come as a particular surprise
to anyone who has added libpng support to an applic the
manual has warned of it since at least July 2000.
(Specifically:
"Starting with version 2.0.0, both structures are going to be hidden, and
the contents of the structures will only be accessible through the
png_get/png_set functions."
OK, so the version number was off a
bit...and the grammar, too, but who's counting?)
Those whose apps depend on
the older API need not panic, however (for now); libpng 1.2.x continues to
get security fixes, as has 1.0.x for well over a decade.
(Greg no longer
bothers to lis enough's enough, folks.
Update those
apps now!)
The 1.5.x and later series also include a new, more thorough test program
(pngvalid.c) and a new pnglibconf.h header file that
tracks what features were enabled or disabled when libpng was built.
the other hand, they no longer internally include the zlib.h header
file, so applications that formerly depended on png.h to provide
that will now need to include it explicitly.
Complete differences relative to libpng 1.4.x
are detailed .
See the bottom of this page for warnings about
security and crash bugs
in versions up through libpng 1.6.26.
In addition to the main library sources,
all of the 1.2.x/1.4.x/1.5.x/1.6.x/1.7.x series include
demo programs,
the pngminus demo program, a subset of Willem van Schaik's
and Willem's VisualPng demo program.
Currentversion:
John Bowler,
(current maintainer),
Platforms:
Unix, DOS, OS/2, Windows, Mac OS, BeOS, Amiga, etc.
(version 1.4.0
[Jan 2010], courtesy of Alex Yau)
Mailinglist:
Sourcecode:
download.sourceforge.net
archive&sizes&(bytes):
MD5 checksums:
cbbca386260e
libpng-1.6.32.tar.gz
e01be057ab793a685ad15
libpng-1.6.32.tar.xz
8a294afad3
lpng1632.zip
git repository:
git://git.code.sf.net/p/libpng/code
Currentbinaries:
operating&system
(these&are&"unofficial"&binaries&compiled&&by&third&parties)
Previousbinaries:
operating&system
&(.rpm)&()
(these&are&"unofficial"&binaries&compiled&&by&third&parties)
Oldbinaries:
operating&system
x86,PowerPC
PA-RISC,IA64
(these&are&"unofficial"&binaries&compiled&&by&third&parties)
Supportinglibrariesand tools:
(needed only to decompress tar.xz source archive)
Security and Crash Bugs in Older Versions
Vulnerability Warning
Virtually all libpng versions through 1.6.26, 1.5.27, 1.4.19, 1.2.56,
and 1.0.66, respectively, have a null-pointer-dereference bug in
png_set_text_2() when an image-editing application adds, removes,
and re-adds text chunks to a PNG image.
(This bug does not affect
pure viewers, nor are there any known editors that could trigger it without
interactive user input.
It has been assigned ID
The vulnerability is fixed in versions 1.6.27, 1.5.28,
1.4.20, 1.2.57, and 1.0.67,
released on 29&December 2016.
Vulnerability Warning
Virtually all old-branch libpng versions through 1.5.25, 1.4.18, 1.2.55,
and 1.0.65, respectively, have a potential out-of-bounds read in
png_check_keyword(), which has been assigned ID
The vulnerability is fixed in versions 1.5.26,
1.4.19, 1.2.56, and 1.0.66,
released on 17&December 2015.
The current branch (1.6.x) is not vulnerable to this bug.
Vulnerability Warning
Virtually all libpng versions through 1.6.19, 1.5.24, 1.4.17, 1.2.54,
and 1.0.64, respectively, have a potential pointer overflow/underflow in
png_handle_sPLT()/png_handle_pCAL() (and in
png_handle_iTXt()/png_handle_zTXt() in the pre-1.6 branches),
and all such versions likewise have a bug in their png_set_PLTE()
implementations that left it open to the out-of-bounds write
() that was supposed to have been fixed in the previous
The bugs are fixed in versions 1.6.20,
1.5.25, 1.4.18, 1.2.55, and 1.0.65,
released on 3&December 2015.
Vulnerability Warning
Virtually all libpng versions through 1.6.18, 1.5.23, 1.4.16, 1.2.53,
and 1.0.63, respectively, have a potential out-of-bounds read in
png_set_tIME()/png_convert_to_rfc1123() and an out-of-bounds
write in png_get_PLTE()/png_set_PLTE().
The former
vulnerability has been assigned ID
and the latter
The first is fixed in versions 1.6.19,
1.5.24, 1.4.17, 1.2.54, and 1.0.64,
released on 12&November 2015; see the subsequent vulnerability
warning for info about the latter fix.
Vulnerability Warning
libpng versions 1.6.9 through 1.6.15 (and some subset of versions up
through 1.5.20) have an integer-overflow vulnerability in
png_combine_row() when decoding very wide interlaced images,
which can allow an attacker to overwrite an arbitrary amount of memory
with arbitrary (attacker-controlled) data.
This vulnerability has been assigned ID
and is fixed in versions 1.6.16 and
1.5.21, released on 21&December 2014.
Vulnerability Warning
Virtually all libpng versions through 1.6.14, 1.5.19, 1.4.13, 1.2.51,
and 1.0.61, respectively, have an out-of-bounds memory access in
png_user_version_check().
It is unclear whether this could
lead to an actual exploit.
The bug is fixed in versions 1.6.15,
1.5.20, etc., released on 20&November 2014.
Vulnerability Warning
libpng versions 1.6.0 through 1.6.9 hang when reading images that have
zero-length IDAT chunks with the progressive (streaming) a
malicious web site could use this bug to cause a (minor) denial of
service. This vulnerability has been assigned ID
and is fixed in version 1.6.10,
released 6&March 2014.
Vulnerability Warning
libpng versions 1.6.1 through 1.6.7 fail to reject colormapped images
with empty palettes, leading to a null-pointer dereference (crash) in
png_do_expand_palette(). This vulnerability has been assigned ID
and is fixed in version 1.6.8,
released 19&December 2013.
Vulnerability Warning
Various versions of libpng through 1.5.11, 1.4.11, 1.2.49, and
1.0.59, respectively, set the top-level archive-extraction directory's
permissions to be world-writable as part of the distcheck
Makefile target's operations (configure-generated Makefile only).
This could allow a local attacker on the build host to silently replace
the extracted libpng library with a malicious version, conceivably
poisoning an official binary distribution of libpng (though the likelihood
of this seems remote), but more generally allowing the attacker to execute
arbitrary commands with the permissions of the user running make.
vulnerability has been assigned ID
and is fixed in version 1.5.12 (and versions
1.4.12, 1.2.50, and 1.0.60, respectively, on the
older branches), released 10&July 2012.
Vulnerability Warning
All "modern" versions of libpng through 1.5.9, 1.4.10, 1.2.48, and
1.0.58, respectively, fail to correctly handle malloc() failure
for text chunks (in png_set_text_2()), which can lead to memory
corruption and the possibility of execution of hostile code.
This serious vulnerability has been assigned ID
and is fixed in version 1.5.10 (and versions
1.4.11, 1.2.49, and 1.0.59, respectively, on the
older branches), released 29&March 2012.
Vulnerability Warning
All versions of libpng from 1.0.6 through 1.5.8, 1.4.8, 1.2.46, and
1.0.56, respectively, fail to correctly validate a heap allocation in
png_decompress_chunk(), which can lead to a buffer-overrun
and the possibility of execution of hostile code on 32-bit systems.
This serious vulnerability has been assigned ID
and is fixed in version 1.5.9 (and versions
1.4.9, 1.2.47, and 1.0.57, respectively, on the
older branches), released 18&February 2012.
Vulnerability Warning
libpng 1.5.4 through 1.5.7 contain a one-byte (stack) buffer-overrun bug
in png_formatted_warning(), which could lead to crashes (denial
of service) or, conceivably, execution of hostile code.
vulnerability has been assigned ID
and is fixed in version 1.5.8, released
1&February 2012.
Vulnerability Warning
libpng 1.5.4 (only) introduced a divide-by-zero bug in
png_handle_cHRM(), which could lead to crashes (denial of
service) in applications that support color correction.
vulnerability has been assigned ID
() and is fixed in version 1.5.5, released
22&September 2011.
Vulnerability Warning
All released versions of libpng (from 1.0 onward) have a buffer overrun
in the code that promotes palette images with transparency (1 channel) to
grayscale+alpha images (2 channels), but only for applications that call
png_rgb_to_gray() and not png_set_expand().
An arbitrary amount of memory may be overwritten in this case,
with arbitrary (attacker-controlled) data.
This vulnerability has been assigned ID
libpng 1.2.20 and later crashes in png_default_error() due to
internal use of a NULL pointer instead of the empty string ("").
This vulnerability has been assigned ID
Many (most?) versions of libpng read uninitialized memory when handling
empty sCAL chunks, and they handle malformed sCAL chunks (those lacking
a delimiting NULL between the internal strings) incorrectly.
This vulnerability has been assigned ID
All of these issues are fixed in version 1.5.4 (as well as
1.4.8, 1.2.45, and 1.0.55 on the older branches),
released 7&July 2011.
Vulnerability Warning
libpng 1.5.0 (only) introduced a bug in the RGB-to-grayscale transform
code, which can lead to buffer overruns due to incorrect calculation
of the number of bytes per pixel.
(Since 1.5.0 was just released, no
apps or OS distributions are believed to ship with it, so the risk
should be minimal.)
This vulnerability has been assigned ID
() and is fixed in version 1.5.1, released
3&February 2011.
Vulnerability Warning
Several versions of libpng through 1.4.2 (and through 1.2.43 in the
older series) contain a bug whereby progressive applications such as
web browsers (or the rpng2 demo app included in libpng) could receive
an extra row of image data beyond the height reported in the header,
potentially leading to an out-of-bounds write to memory (depending on
how the application is written) and the possibility of execution of an
attacker's code with the privileges of the libpng user (including remote
compromise in the case of a libpng-based browser visiting a hostile web
This vulnerability has been assigned ID
(via Mozilla).
An additional memory-leak bug, involving images with malformed sCAL
chunks, it could lead to an application crash (denial
of service) when viewing such images.
Both bugs are fixed in versions 1.4.3 and 1.2.44, released
25&June 2010.
Vulnerability Warning
Jeff Phillips reported that several versions of libpng through 1.2.35
contain an uninitialized-memory-read bug that may have security
implications.
Specifically, 1-bit (2-color) interlaced images whose
widths are not divisible by 8 may result in several uninitialized bits
at the end of certain rows in certain interlace passes being returned
to the user.
An application that failed to mask these out-of-bounds
pixels might display or process them, albeit presumably with benign
results in most cases.
This bug may be fixed in version 1.2.36,
released 7&May 2009, but the correct fix is in version 1.2.37,
released 4&June 2009.
Vulnerability Warning
All versions of libpng from 0.89c through 1.2.34 contain an
uninitialized-data bug that can be triggered by a malicious user.
Specifically, there are several instances in which a malloc'd array
of pointers is then initialized by a secondary sequence of malloc()
If one of these calls fails, libpng's cleanup routine will
attempt to free the entire array, including any uninitialized pointers,
which could lead to execution of an attacker's code with the privileges
of the libpng user (including remote compromise in the case of a
libpng-based browser visiting a hostile web site).
This vulnerability
has been assigned ID
and is fixed in version 1.2.35, released
18&February 2009.
Vulnerability Warning
Versions 1.2.30 and 1.2.31 of libpng can crash when reading images with
multiple zTX it is likely that this vulnerability could lead to
a remote compromise in the case of a libpng-based browser visiting a
hostile web site.
This vulnerability has been assigned
and is fixed in version 1.2.32, released
18&September 2008.
Vulnerability Warning
All versions of libpng from 1.0.6 through 1.2.26 have a bug when handling
unknown (to libpng) chunks with zero data length.
Applications that call
either png_set_read_user_chunk_fn() or
png_set_keep_unknown_chunks(), when used with standard builds
of libpng (i.e., built with either PNG_READ_UNKNOWN_CHUNKS_SUPPORTED or
PNG_READ_USER_CHUNKS_SUPPORTED defined), can crash when attempting to
free a non-existent data buffer for the unknown chunk.
The pngtest
sample application distributed with libpng, pngcrush, and certain
versions of ImageMagick are known to be affected, but the bug is
otherwise believed to be quite rare.
This vulnerability has been assigned
and is fixed in version 1.2.27, released
28&April 2008.
Crash Warning
Most versions of libpng up through 1.2.24 have a number of minor coding
errors that could lead to crashes in exceptional cases.
For example, if
memory allocation fails while processing certain ancillary chunks, libpng
could crash while attempting to write to the NULL or if the
application author failed to set up the info_ptr as required,
some parts of libpng fail to check for NULL and could crash trying to
read the pointer (though it's probable that the error would have caused
libpng to terminate upstream of these parts).
The bugs are fixed in
version 1.2.25, released 18&February 2008.
Vulnerability Warning
Version 1.2.21 has a crash bug when reading the ICC-profile chunk, iCCP
This bug is fixed in version 1.2.22,
released 13&October 2007.
Vulnerability Warning
Versions 1.2.20 and earlier have a number of potential crash-bugs due to
out-of-bounds reads in certain chunk- MITRE has collectively
assigned them the identifiers ,
These bugs are fixed in version 1.2.21,
released 4&October 2007, but another crash bug (related to the
ICC-profile chunk) remains to be fixed in version 1.2.22.
Vulnerability Warning
Versions up through 1.2.16 (and 1.0.24) have an NULL-pointer-dereference
vulnerability involving palette images with a malformed tRNS chunk (i.e.,
one with a bad CRC value).
This bug can, at a minimum, cause crashes in
browsers simply by visiting a page disp reportedly
it also crashes the Microsoft Windows display manager.
CERT refers to
and MITRE as .
It's fixed in versions libpng 1.2.18 and
libpng 1.0.26 (also 1.2.17 and 1.0.25, which had a
bug in their configure scripts), released 15&May 2007.
Vulnerability Warning
Versions 1.0.6 through 1.2.12 and 1.0.20 have a bug in the decoder for
the sPLT ("suggested palette") this can lead to crashes and,
accordingly, a denial of service (e.g., crashing your browser when you
visit a site displaying a specially crafted PNG).
The bug is fixed in
libpng 1.2.13 and libpng 1.0.21, released 15&November
MITRE refers to this bug as .
The same releases also include fixes for a specific class of application
error (NULL png_ptr) and for a bug in the code that writes the
iCCP ("ICC profile") chunk.
Vulnerability Warning
Versions up through 1.2.11 and 1.0.19 have a buffer-overrun vulnerability
when a particular error message is triggered.
The overrun is always by
exactly two bytes ('k' and NULL) so it seems highly unlikely that it
could be used for anything more nefarious than denial of service (e.g.,
crashing your browser when you visit a site displaying a specially
crafted PNG).
Nevertheless, it's worth fixing, and versions libpng
1.2.12 and libpng 1.0.20, released 27&June 2006, do just
(Note that 1.2.11 and 1.0.19 erroneously claimed to include the
fix, but in fact it had been inadvertently omitted.)
MITRE refers to
this bug as .
The same releases (and their immediate predecessors) also fix an
out-of-bounds (by one) memory read and a second buffer overrun, this one
in the code that writes the sCAL ("physical scale of subject")
chunk (which is rather rare in any case).
There have been other issues in older versions released in 2004:
Crash Warning
Versions 1.2.7, 1.2.6, 1.0.17, and 1.0.16 have a bug that will cause
applications that strip the alpha channel (while reading a PNG) to crash.
The bug is fixed in versions 1.2.8 and 1.0.18, which were
released on 3&December 2004.
MITRE refers to this bug as .
The release before that fixed another bug, this one in the PNG-writing code:
Broken-Image Warning
Versions 1.2.6 and 1.0.16 can write an invalid zlib header within the
PNG datastream.
This is not quite as bad as it sounds since the two-byte
header can be corrected fairly easily (e.g., use
to rewrite the images and,
perhaps, compress them slightly better, or run the
png-fix-IDAT-windowsize utility bundled with
2.1.0 or later), but some applications
will display the images incorrectly.
Microsoft Word and Internet
Explorer are known to be affected. A
is available, and versions 1.2.7 and
1.0.17 (incorporating the fix) were released on 11&September
Finally--and most important--there were several security vulnerabilities
present in versions of libpng prior to 1.2.6 and 1.0.16, one of which is
quite dangerous:
Vulnerability Warning
On 4&August 2004 a new jumbo security patch was released to
address several potential vulnerabilities in libpng, at least one of
which is quite serious.
It was followed on 15&August by
the full libpng 1.2.6 and libpng 1.0.16 releases, which,
like subsequent releases, incorporate the fix.
All users are strongly
urged to upgrade to the latest release of libpng or to patch any affected
applications as soon as possible.
(Graphical browsers and e-mail clients are particularly at risk.)
Get the latest releases or an appropriate combo patch either from
Here's the , along with the relevant CERT and MITRE vulnerability
(this is the serious one!)
These vulnerabilities were discovered by Chris Evans and are also
described in .
(Many thanks to Chris for notifying the libpng team and
for providing time to fix the bugs before the public announcement!)
Last modified 26 August 2017.
Please direct libpng comments and questions to the .
Web page copyright ©
libpng copyright
contributing authors.