what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2010-2249

Status Candidate

Overview

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

Related Files

Gentoo Linux Security Advisory 201010-1
Posted Oct 5, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201010-1 - Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. Versions less than 1.4.3 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0205, CVE-2010-1205, CVE-2010-2249
SHA-256 | 053ed2283e7bc0cc350641770fd5cf189d7743c4b37cb99243aa7582fe434950
VMware Security Advisory 2010-0014
Posted Sep 25, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.

tags | advisory
systems | windows
advisories | CVE-2010-3277, CVE-2010-1205, CVE-2010-0205, CVE-2010-2249, CVE-2010-0434, CVE-2010-0425
SHA-256 | c598de56110b9b1285f2b8e0d5afbeeb93abb4d32d2d9e62b9bdc9c16b71278b
Debian Linux Security Advisory 2072-1
Posted Jul 20, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2072-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2010-1205, CVE-2010-2249
SHA-256 | d17b0e986dbcc1fbbef738ae5e58903f49fceb0dc5c82dae6a6e23be776a6ddd
Mandriva Linux Security Advisory 2010-133
Posted Jul 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-133 - Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

tags | advisory, remote, denial of service, overflow, arbitrary, memory leak
systems | linux, mandriva
advisories | CVE-2008-6218, CVE-2010-1205, CVE-2010-2249
SHA-256 | 9dbcdb392f0269d231a9304f120b56317d9400add78640b2d61a8c8ee985f7fc
Ubuntu Security Notice 960-1
Posted Jul 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 960-1 - It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-1205, CVE-2010-2249
SHA-256 | 695c3fa01d385df30a9d7097d45ec9e589131d59ecd0ec3ed268993f351e471d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close