Computer Security
[EN] securityvulns.ru no-pyccku


libpng multiple security vulnerabilities
Published:11.07.2010
Source:
SecurityVulns ID:10982
Type:library
Threat Level:
6/10
Description:Memory corruption, resources exhaustion on PNG parsing.
Affected:libpng : libpng 1.2
 libpng : libpng 1.4
CVE:CVE-2010-2249 (Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.)
 CVE-2010-1205 (Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.)
Original documentdocumentUBUNTU, [USN-960-1] libpng vulnerabilities (11.07.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod