Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.