ID CVE-2008-3964
Summary Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c.
References
Vulnerable Configurations
  • cpe:2.3:a:libpng:libpng:1.4:beta19
    cpe:2.3:a:libpng:libpng:1.4:beta19
  • cpe:2.3:a:libpng:libpng:1.4:beta20
    cpe:2.3:a:libpng:libpng:1.4:beta20
  • cpe:2.3:a:libpng:libpng:1.4:beta22
    cpe:2.3:a:libpng:libpng:1.4:beta22
  • cpe:2.3:a:libpng:libpng:1.4:beta23
    cpe:2.3:a:libpng:libpng:1.4:beta23
  • cpe:2.3:a:libpng:libpng:1.4:beta24
    cpe:2.3:a:libpng:libpng:1.4:beta24
  • cpe:2.3:a:libpng:libpng:1.4:beta25
    cpe:2.3:a:libpng:libpng:1.4:beta25
  • cpe:2.3:a:libpng:libpng:1.4:beta26
    cpe:2.3:a:libpng:libpng:1.4:beta26
  • cpe:2.3:a:libpng:libpng:1.4:beta27
    cpe:2.3:a:libpng:libpng:1.4:beta27
  • cpe:2.3:a:libpng:libpng:1.4:beta28
    cpe:2.3:a:libpng:libpng:1.4:beta28
  • cpe:2.3:a:libpng:libpng:1.4:beta29
    cpe:2.3:a:libpng:libpng:1.4:beta29
  • cpe:2.3:a:libpng:libpng:1.4:beta30
    cpe:2.3:a:libpng:libpng:1.4:beta30
  • cpe:2.3:a:libpng:libpng:1.4:beta31
    cpe:2.3:a:libpng:libpng:1.4:beta31
  • cpe:2.3:a:libpng:libpng:1.4:beta33
    cpe:2.3:a:libpng:libpng:1.4:beta33
  • cpe:2.3:a:libpng:libpng:1.4
    cpe:2.3:a:libpng:libpng:1.4
  • libpng 1.2.9
    cpe:2.3:a:libpng:libpng:1.2.9
  • libpng 1.2.6
    cpe:2.3:a:libpng:libpng:1.2.6
  • libpng 1.2.7
    cpe:2.3:a:libpng:libpng:1.2.7
  • libpng 1.2.8
    cpe:2.3:a:libpng:libpng:1.2.8
  • cpe:2.3:a:libpng:libpng:beta1
    cpe:2.3:a:libpng:libpng:beta1
  • cpe:2.3:a:libpng:libpng:1.4:beta17
    cpe:2.3:a:libpng:libpng:1.4:beta17
  • cpe:2.3:a:libpng:libpng:1.4:beta18
    cpe:2.3:a:libpng:libpng:1.4:beta18
  • cpe:2.3:a:libpng:libpng:1.4:beta15
    cpe:2.3:a:libpng:libpng:1.4:beta15
  • cpe:2.3:a:libpng:libpng:1.4:beta16
    cpe:2.3:a:libpng:libpng:1.4:beta16
  • cpe:2.3:a:libpng:libpng:1.4:beta13
    cpe:2.3:a:libpng:libpng:1.4:beta13
  • cpe:2.3:a:libpng:libpng:1.4:beta14
    cpe:2.3:a:libpng:libpng:1.4:beta14
  • cpe:2.3:a:libpng:libpng:1.4:beta12
    cpe:2.3:a:libpng:libpng:1.4:beta12
  • cpe:2.3:a:libpng:libpng:1.4:beta133
    cpe:2.3:a:libpng:libpng:1.4:beta133
  • cpe:2.3:a:libpng:libpng:1.4:beta10
    cpe:2.3:a:libpng:libpng:1.4:beta10
  • cpe:2.3:a:libpng:libpng:1.4:beta11
    cpe:2.3:a:libpng:libpng:1.4:beta11
  • cpe:2.3:a:libpng:libpng:1.4:beta8
    cpe:2.3:a:libpng:libpng:1.4:beta8
  • cpe:2.3:a:libpng:libpng:1.4:beta9
    cpe:2.3:a:libpng:libpng:1.4:beta9
  • cpe:2.3:a:libpng:libpng:1.4:beta6
    cpe:2.3:a:libpng:libpng:1.4:beta6
  • cpe:2.3:a:libpng:libpng:1.4:beta7
    cpe:2.3:a:libpng:libpng:1.4:beta7
  • cpe:2.3:a:libpng:libpng:1.4:beta5
    cpe:2.3:a:libpng:libpng:1.4:beta5
  • cpe:2.3:a:libpng:libpng:1.4:beta4
    cpe:2.3:a:libpng:libpng:1.4:beta4
  • cpe:2.3:a:libpng:libpng:1.4:beta3
    cpe:2.3:a:libpng:libpng:1.4:beta3
  • cpe:2.3:a:libpng:libpng:1.4:beta2
    cpe:2.3:a:libpng:libpng:1.4:beta2
  • cpe:2.3:a:libpng:libpng:1.4:beta1
    cpe:2.3:a:libpng:libpng:1.4:beta1
  • cpe:2.3:a:libpng:libpng:1.2.9:beta10
    cpe:2.3:a:libpng:libpng:1.2.9:beta10
  • cpe:2.3:a:libpng:libpng:1.2.9:beta9
    cpe:2.3:a:libpng:libpng:1.2.9:beta9
  • cpe:2.3:a:libpng:libpng:1.2.9:beta8
    cpe:2.3:a:libpng:libpng:1.2.9:beta8
  • cpe:2.3:a:libpng:libpng:1.2.9:beta7
    cpe:2.3:a:libpng:libpng:1.2.9:beta7
  • cpe:2.3:a:libpng:libpng:1.2.9:beta6
    cpe:2.3:a:libpng:libpng:1.2.9:beta6
  • cpe:2.3:a:libpng:libpng:1.2.9:beta5
    cpe:2.3:a:libpng:libpng:1.2.9:beta5
  • cpe:2.3:a:libpng:libpng:1.2.9:beta4
    cpe:2.3:a:libpng:libpng:1.2.9:beta4
  • cpe:2.3:a:libpng:libpng:1.2.9:beta3
    cpe:2.3:a:libpng:libpng:1.2.9:beta3
  • cpe:2.3:a:libpng:libpng:1.2.9:beta2
    cpe:2.3:a:libpng:libpng:1.2.9:beta2
  • cpe:2.3:a:libpng:libpng:1.2.9:beta1
    cpe:2.3:a:libpng:libpng:1.2.9:beta1
  • cpe:2.3:a:libpng:libpng:1.2.9:rc1
    cpe:2.3:a:libpng:libpng:1.2.9:rc1
  • cpe:2.3:a:libpng:libpng:1.2.8:beta3
    cpe:2.3:a:libpng:libpng:1.2.8:beta3
  • cpe:2.3:a:libpng:libpng:1.2.8:beta4
    cpe:2.3:a:libpng:libpng:1.2.8:beta4
  • cpe:2.3:a:libpng:libpng:1.2.8:beta5
    cpe:2.3:a:libpng:libpng:1.2.8:beta5
  • cpe:2.3:a:libpng:libpng:1.2.8:rc1
    cpe:2.3:a:libpng:libpng:1.2.8:rc1
  • cpe:2.3:a:libpng:libpng:1.2.8:rc2
    cpe:2.3:a:libpng:libpng:1.2.8:rc2
  • cpe:2.3:a:libpng:libpng:1.2.8:rc3
    cpe:2.3:a:libpng:libpng:1.2.8:rc3
  • cpe:2.3:a:libpng:libpng:1.2.8:rc4
    cpe:2.3:a:libpng:libpng:1.2.8:rc4
  • cpe:2.3:a:libpng:libpng:1.2.8:rc5
    cpe:2.3:a:libpng:libpng:1.2.8:rc5
  • cpe:2.3:a:libpng:libpng:1.2.6:rc2
    cpe:2.3:a:libpng:libpng:1.2.6:rc2
  • cpe:2.3:a:libpng:libpng:1.2.6:rc3
    cpe:2.3:a:libpng:libpng:1.2.6:rc3
  • cpe:2.3:a:libpng:libpng:1.2.6:rc4
    cpe:2.3:a:libpng:libpng:1.2.6:rc4
  • cpe:2.3:a:libpng:libpng:1.2.6:rc5
    cpe:2.3:a:libpng:libpng:1.2.6:rc5
  • cpe:2.3:a:libpng:libpng:1.2.7:beta1
    cpe:2.3:a:libpng:libpng:1.2.7:beta1
  • cpe:2.3:a:libpng:libpng:1.2.7:beta2
    cpe:2.3:a:libpng:libpng:1.2.7:beta2
  • cpe:2.3:a:libpng:libpng:1.2.8:beta1
    cpe:2.3:a:libpng:libpng:1.2.8:beta1
  • cpe:2.3:a:libpng:libpng:1.2.8:beta2
    cpe:2.3:a:libpng:libpng:1.2.8:beta2
  • cpe:2.3:a:libpng:libpng:1.2.5:rc2
    cpe:2.3:a:libpng:libpng:1.2.5:rc2
  • cpe:2.3:a:libpng:libpng:1.2.5:rc1
    cpe:2.3:a:libpng:libpng:1.2.5:rc1
  • cpe:2.3:a:libpng:libpng:1.2.6:beta1
    cpe:2.3:a:libpng:libpng:1.2.6:beta1
  • cpe:2.3:a:libpng:libpng:1.2.5:rc3
    cpe:2.3:a:libpng:libpng:1.2.5:rc3
  • cpe:2.3:a:libpng:libpng:1.2.6:beta3
    cpe:2.3:a:libpng:libpng:1.2.6:beta3
  • cpe:2.3:a:libpng:libpng:1.2.6:beta2
    cpe:2.3:a:libpng:libpng:1.2.6:beta2
  • cpe:2.3:a:libpng:libpng:1.2.6:rc1
    cpe:2.3:a:libpng:libpng:1.2.6:rc1
  • cpe:2.3:a:libpng:libpng:1.2.6:beta4
    cpe:2.3:a:libpng:libpng:1.2.6:beta4
  • cpe:2.3:a:libpng:libpng:1.2.5:beta3
    cpe:2.3:a:libpng:libpng:1.2.5:beta3
  • cpe:2.3:a:libpng:libpng:1.2.5:beta2
    cpe:2.3:a:libpng:libpng:1.2.5:beta2
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03
    cpe:2.3:a:libpng:libpng:1.2.23:beta03
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02
    cpe:2.3:a:libpng:libpng:1.2.23:beta02
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05
    cpe:2.3:a:libpng:libpng:1.2.23:beta05
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04
    cpe:2.3:a:libpng:libpng:1.2.23:beta04
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01
    cpe:2.3:a:libpng:libpng:1.2.24:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01
    cpe:2.3:a:libpng:libpng:1.2.23:rc01
  • cpe:2.3:a:libpng:libpng:1.2.21:rc2
    cpe:2.3:a:libpng:libpng:1.2.21:rc2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc3
    cpe:2.3:a:libpng:libpng:1.2.21:rc3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta1
    cpe:2.3:a:libpng:libpng:1.2.22:beta1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2
    cpe:2.3:a:libpng:libpng:1.2.22:beta2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc6
    cpe:2.3:a:libpng:libpng:1.2.20:rc6
  • cpe:2.3:a:libpng:libpng:1.2.21:beta1
    cpe:2.3:a:libpng:libpng:1.2.21:beta1
  • cpe:2.3:a:libpng:libpng:1.2.21:beta2
    cpe:2.3:a:libpng:libpng:1.2.21:beta2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc1
    cpe:2.3:a:libpng:libpng:1.2.21:rc1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1
    cpe:2.3:a:libpng:libpng:1.2.22:rc1
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01
    cpe:2.3:a:libpng:libpng:1.2.23:beta01
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3
    cpe:2.3:a:libpng:libpng:1.2.22:beta3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4
    cpe:2.3:a:libpng:libpng:1.2.22:beta4
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.20:beta01
    cpe:2.3:a:libpng:libpng:1.2.20:beta01
  • libpng 1.2.23
    cpe:2.3:a:libpng:libpng:1.2.23
  • libpng 1.2.22
    cpe:2.3:a:libpng:libpng:1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.20:rc5
    cpe:2.3:a:libpng:libpng:1.2.20:rc5
  • cpe:2.3:a:libpng:libpng:1.2.20:rc4
    cpe:2.3:a:libpng:libpng:1.2.20:rc4
  • cpe:2.3:a:libpng:libpng:1.2.20:rc3
    cpe:2.3:a:libpng:libpng:1.2.20:rc3
  • cpe:2.3:a:libpng:libpng:1.2.20:rc2
    cpe:2.3:a:libpng:libpng:1.2.20:rc2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc1
    cpe:2.3:a:libpng:libpng:1.2.20:rc1
  • libpng 1.2.25
    cpe:2.3:a:libpng:libpng:1.2.25
  • cpe:2.3:a:libpng:libpng:1.2.20:beta04
    cpe:2.3:a:libpng:libpng:1.2.20:beta04
  • libpng 1.2.24
    cpe:2.3:a:libpng:libpng:1.2.24
  • cpe:2.3:a:libpng:libpng:1.2.20:beta03
    cpe:2.3:a:libpng:libpng:1.2.20:beta03
  • cpe:2.3:a:libpng:libpng:1.2.20:beta02
    cpe:2.3:a:libpng:libpng:1.2.20:beta02
  • libpng 1.2.26
    cpe:2.3:a:libpng:libpng:1.2.26
  • libpng 1.2.2
    cpe:2.3:a:libpng:libpng:1.2.2
  • libpng 1.2.3
    cpe:2.3:a:libpng:libpng:1.2.3
  • libpng 1.2.4
    cpe:2.3:a:libpng:libpng:1.2.4
  • libpng 1.2.5
    cpe:2.3:a:libpng:libpng:1.2.5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta4
    cpe:2.3:a:libpng:libpng:1.2.19:beta4
  • cpe:2.3:a:libpng:libpng:1.2.19:beta6
    cpe:2.3:a:libpng:libpng:1.2.19:beta6
  • cpe:2.3:a:libpng:libpng:1.2.19:beta5
    cpe:2.3:a:libpng:libpng:1.2.19:beta5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta8
    cpe:2.3:a:libpng:libpng:1.2.19:beta8
  • cpe:2.3:a:libpng:libpng:1.2.19:beta7
    cpe:2.3:a:libpng:libpng:1.2.19:beta7
  • cpe:2.3:a:libpng:libpng:1.2.19:beta9
    cpe:2.3:a:libpng:libpng:1.2.19:beta9
  • cpe:2.3:a:libpng:libpng:1.2.19:rc1
    cpe:2.3:a:libpng:libpng:1.2.19:rc1
  • cpe:2.3:a:libpng:libpng:1.2.19:rc2
    cpe:2.3:a:libpng:libpng:1.2.19:rc2
  • cpe:2.3:a:libpng:libpng:1.2.19:rc3
    cpe:2.3:a:libpng:libpng:1.2.19:rc3
  • cpe:2.3:a:libpng:libpng:1.2.19:rc4
    cpe:2.3:a:libpng:libpng:1.2.19:rc4
  • cpe:2.3:a:libpng:libpng:1.2.19:rc5
    cpe:2.3:a:libpng:libpng:1.2.19:rc5
  • cpe:2.3:a:libpng:libpng:1.2.19:rc6
    cpe:2.3:a:libpng:libpng:1.2.19:rc6
  • cpe:2.3:a:libpng:libpng:1.2.4:beta1
    cpe:2.3:a:libpng:libpng:1.2.4:beta1
  • cpe:2.3:a:libpng:libpng:1.2.4:beta3
    cpe:2.3:a:libpng:libpng:1.2.4:beta3
  • cpe:2.3:a:libpng:libpng:1.2.4:beta2
    cpe:2.3:a:libpng:libpng:1.2.4:beta2
  • libpng 1.2.21
    cpe:2.3:a:libpng:libpng:1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.5:beta1
    cpe:2.3:a:libpng:libpng:1.2.5:beta1
  • libpng 1.2.20
    cpe:2.3:a:libpng:libpng:1.2.20
  • cpe:2.3:a:libpng:libpng:1.2.4:rc1
    cpe:2.3:a:libpng:libpng:1.2.4:rc1
  • cpe:2.3:a:libpng:libpng:1.2.3:rc2
    cpe:2.3:a:libpng:libpng:1.2.3:rc2
  • cpe:2.3:a:libpng:libpng:1.2.3:rc3
    cpe:2.3:a:libpng:libpng:1.2.3:rc3
  • cpe:2.3:a:libpng:libpng:1.2.2:rc1
    cpe:2.3:a:libpng:libpng:1.2.2:rc1
  • cpe:2.3:a:libpng:libpng:1.2.3:rc1
    cpe:2.3:a:libpng:libpng:1.2.3:rc1
  • cpe:2.3:a:libpng:libpng:1.2.3:rc6
    cpe:2.3:a:libpng:libpng:1.2.3:rc6
  • cpe:2.3:a:libpng:libpng:1.2.3:rc4
    cpe:2.3:a:libpng:libpng:1.2.3:rc4
  • cpe:2.3:a:libpng:libpng:1.2.3:rc5
    cpe:2.3:a:libpng:libpng:1.2.3:rc5
  • cpe:2.3:a:libpng:libpng:1.2.2:beta1
    cpe:2.3:a:libpng:libpng:1.2.2:beta1
  • cpe:2.3:a:libpng:libpng:1.2.2:beta2
    cpe:2.3:a:libpng:libpng:1.2.2:beta2
  • cpe:2.3:a:libpng:libpng:1.2.26:beta06
    cpe:2.3:a:libpng:libpng:1.2.26:beta06
  • cpe:2.3:a:libpng:libpng:1.2.26:rc01
    cpe:2.3:a:libpng:libpng:1.2.26:rc01
  • cpe:2.3:a:libpng:libpng:1.2.2:beta5
    cpe:2.3:a:libpng:libpng:1.2.2:beta5
  • cpe:2.3:a:libpng:libpng:1.2.2:beta6
    cpe:2.3:a:libpng:libpng:1.2.2:beta6
  • cpe:2.3:a:libpng:libpng:1.2.2:beta3
    cpe:2.3:a:libpng:libpng:1.2.2:beta3
  • cpe:2.3:a:libpng:libpng:1.2.2:beta4
    cpe:2.3:a:libpng:libpng:1.2.2:beta4
  • cpe:2.3:a:libpng:libpng:1.2.26:beta01
    cpe:2.3:a:libpng:libpng:1.2.26:beta01
  • cpe:2.3:a:libpng:libpng:1.2.25:rc02
    cpe:2.3:a:libpng:libpng:1.2.25:rc02
  • cpe:2.3:a:libpng:libpng:1.2.25:rc01
    cpe:2.3:a:libpng:libpng:1.2.25:rc01
  • cpe:2.3:a:libpng:libpng:1.2.25:beta06
    cpe:2.3:a:libpng:libpng:1.2.25:beta06
  • cpe:2.3:a:libpng:libpng:1.2.26:beta05
    cpe:2.3:a:libpng:libpng:1.2.26:beta05
  • cpe:2.3:a:libpng:libpng:1.2.26:beta04
    cpe:2.3:a:libpng:libpng:1.2.26:beta04
  • cpe:2.3:a:libpng:libpng:1.2.26:beta03
    cpe:2.3:a:libpng:libpng:1.2.26:beta03
  • cpe:2.3:a:libpng:libpng:1.2.26:beta02
    cpe:2.3:a:libpng:libpng:1.2.26:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta01
    cpe:2.3:a:libpng:libpng:1.2.25:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01
    cpe:2.3:a:libpng:libpng:1.2.24:rc01
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03
    cpe:2.3:a:libpng:libpng:1.2.24:beta03
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02
    cpe:2.3:a:libpng:libpng:1.2.24:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta05
    cpe:2.3:a:libpng:libpng:1.2.25:beta05
  • cpe:2.3:a:libpng:libpng:1.2.25:beta04
    cpe:2.3:a:libpng:libpng:1.2.25:beta04
  • cpe:2.3:a:libpng:libpng:1.2.25:beta03
    cpe:2.3:a:libpng:libpng:1.2.25:beta03
  • cpe:2.3:a:libpng:libpng:1.2.25:beta02
    cpe:2.3:a:libpng:libpng:1.2.25:beta02
CVSS
Base: 4.3 (as of 11-09-2008 - 18:38)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2009-051.NASL
    description A number of vulnerabilities have been found and corrected in libpng : Fixed 1-byte buffer overflow in pngpread.c (CVE-2008-3964). This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword() that allowed setting arbitrary bytes in the process memory to 0 (CVE-2008-5907). Fix a potential DoS (Denial of Service) or to potentially compromise an application using the library (CVE-2009-0040). The updated packages have been patched to prevent this.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 36671
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=36671
    title Mandriva Linux Security Advisory : libpng (MDVSA-2009:051)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200812-15.NASL
    description The remote host is affected by the vulnerability described in GLSA-200812-15 (POV-Ray: User-assisted execution of arbitrary code) POV-Ray uses a statically linked copy of libpng to view and output PNG files. The version shipped with POV-Ray is vulnerable to CVE-2008-3964, CVE-2008-1382, CVE-2006-3334, CVE-2006-0481, CVE-2004-0768. A bug in POV-Ray's build system caused it to load the old version when your installed copy of libpng was >=media-libs/libpng-1.2.10. Impact : An attacker could entice a user to load a specially crafted PNG file as a texture, resulting in the execution of arbitrary code with the permissions of the user running the application. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 35107
    published 2008-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=35107
    title GLSA-200812-15 : POV-Ray: User-assisted execution of arbitrary code
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137080-09.NASL
    description SunOS 5.10: libpng Patch. Date this patch was last updated by Sun : Jun/15/17
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107484
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107484
    title Solaris 10 (sparc) : 137080-09
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137081-10.NASL
    description SunOS 5.10_x86: libpng Patch. Date this patch was last updated by Sun : Jul/17/17
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107983
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107983
    title Solaris 10 (x86) : 137081-10
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137081-09.NASL
    description SunOS 5.10_x86: libpng Patch. Date this patch was last updated by Sun : Jun/15/17
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107982
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107982
    title Solaris 10 (x86) : 137081-09
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137081-07.NASL
    description SunOS 5.10_x86: libpng Patch. Date this patch was last updated by Sun : Jul/18/12
    last seen 2018-10-31
    modified 2018-10-29
    plugin id 107981
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107981
    title Solaris 10 (x86) : 137081-07
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137080.NASL
    description SunOS 5.10: libpng Patch. Date this patch was last updated by Sun : Sep/11/17 This plugin has been deprecated and either replaced with individual 137080 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31333
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31333
    title Solaris 10 (sparc) : 137080-11 (deprecated)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-730-1.NASL
    description It was discovered that libpng did not properly perform bounds checking in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng. This issue only affected Ubuntu 8.04 LTS. (CVE-2007-5268, CVE-2007-5269) Tavis Ormandy discovered that libpng did not properly initialize memory. If a user or automated system were tricked into opening a crafted PNG image, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. This issue did not affect Ubuntu 8.10. (CVE-2008-1382) Harald van Dijk discovered an off-by-one error in libpng. An attacker could could cause an application crash in programs using pngtest. (CVE-2008-3964) It was discovered that libpng did not properly NULL terminate a keyword string. An attacker could exploit this to set arbitrary memory locations to zero. (CVE-2008-5907) Glenn Randers-Pehrson discovered that libpng did not properly initialize pointers. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-0040). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 37042
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37042
    title Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137080-07.NASL
    description SunOS 5.10: libpng Patch. Date this patch was last updated by Sun : Jul/18/12
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107483
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107483
    title Solaris 10 (sparc) : 137080-07
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_137080-10.NASL
    description SunOS 5.10: libpng Patch. Date this patch was last updated by Sun : Jul/17/17
    last seen 2018-10-27
    modified 2018-10-26
    plugin id 107485
    published 2018-03-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=107485
    title Solaris 10 (sparc) : 137080-10
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_137081.NASL
    description SunOS 5.10_x86: libpng Patch. Date this patch was last updated by Sun : Sep/11/17 This plugin has been deprecated and either replaced with individual 137081 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 31337
    published 2008-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=31337
    title Solaris 10 (x86) : 137081-11 (deprecated)
refmap via4
bid 31049
cert-vn VU#889484
confirm
gentoo GLSA-200812-15
mandriva MDVSA-2009:051
mlist
  • [oss-security] 20080909 CVE request (libpng)
  • [oss-security] 20080909 Re: CVE request (libpng)
  • [png-mng-implement] 20080918 libpng-1.0.40 and libpng-1.2.32 available
secunia
  • 31781
  • 33137
  • 35302
  • 35386
sunalert
  • 1020521
  • 259989
vupen
  • ADV-2008-2512
  • ADV-2009-1462
  • ADV-2009-1560
xf libpng-pngpushreadztxt-dos(44928)
statements via4
contributor Joshua Bressers
lastmodified 2017-08-07
organization Red Hat
statement Not vulnerable. These issues did not affect the versions of libpng as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.
Last major update 07-03-2011 - 22:11
Published 10-09-2008 - 21:13
Last modified 07-08-2017 - 21:32
Back to Top