[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2010-1205

Date: (C)2010-06-30   (M)2017-12-01 


Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

CVSS Score: 7.5Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 6.4Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
SECUNIA-40302
SECUNIA-40336
SECUNIA-40472
SECUNIA-40547
BID-41174
SECUNIA-41574
SECUNIA-42314
SECUNIA-42317
ADV-2010-1612
ADV-2010-1637
ADV-2010-1755
ADV-2010-1837
ADV-2010-1846
ADV-2010-1877
ADV-2010-2491
ADV-2010-3045
ADV-2010-3046
APPLE-SA-2010-08-24-1
APPLE-SA-2010-11-10-1
APPLE-SA-2010-11-22-1
APPLE-SA-2011-03-02-1
APPLE-SA-2011-03-09-2
DSA-2072
FEDORA-2010-10823
FEDORA-2010-10833
IAVM:2011-B-0096
MDVSA-2010:133
SSA:2010-180-01
SUSE-SR:2010:017
USN-960-1
http://lists.vmware.com/pipermail/security-announce/2010/000105.html
http://blackberry.com/btsc/KB27244
http://code.google.com/p/chromium/issues/detail?id=45983
http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18
http://support.apple.com/kb/HT4312
http://support.apple.com/kb/HT4435
http://support.apple.com/kb/HT4456
http://support.apple.com/kb/HT4457
http://support.apple.com/kb/HT4554
http://support.apple.com/kb/HT4566
http://trac.webkit.org/changeset/61816
http://www.libpng.org/pub/png/libpng.html
http://www.mozilla.org/security/announce/2010/mfsa2010-41.html
http://www.vmware.com/security/advisories/VMSA-2010-0014.html
https://bugs.webkit.org/show_bug.cgi?id=40798
https://bugzilla.mozilla.org/show_bug.cgi?id=570451
https://bugzilla.redhat.com/show_bug.cgi?id=608238
libpng-rowdata-bo(59815)

CPE    96
cpe:/a:libpng:libpng:1.2.6
cpe:/a:libpng:libpng:1.2.4
cpe:/a:libpng:libpng:1.2.3
cpe:/a:libpng:libpng:1.2.1
...
CWE    1
CWE-119
OVAL    69
oval:org.secpod.oval:def:100385
oval:org.secpod.oval:def:100661
oval:org.secpod.oval:def:201711
oval:org.secpod.oval:def:201714
...

© 2013 SecPod Technologies