ID CVE-2009-0040
Summary The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
References
Vulnerable Configurations
  • cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.71:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.71:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.81:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.81:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.82:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.82:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.85:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.85:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.86:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.86:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.87:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.87:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.88:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.88:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.89:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.89:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.89c:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.89c:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.90:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.90:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.95:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.95:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.96:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.96:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.97:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.97:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.98:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.98:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99c:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99c:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99e:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99e:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99f:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99f:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99g:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99g:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:0.99h:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:0.99h:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.00:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.00:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.0a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.0a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.0b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.0b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1c:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1c:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.1e:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.1e:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.2a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.2a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.3a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.3b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.3b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.3d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.3d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4c:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4c:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4e:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4e:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.4f:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.4f:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5a:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5a:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5b:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5b:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5c:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5c:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5e:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5e:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5f:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5f:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5g:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5g:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5h:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5h:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5i:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5i:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5j:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5j:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5k:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5k:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5l:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5l:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5m:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5m:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5n:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5n:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5o:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5o:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5p:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5p:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5q:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5q:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5r:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5r:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5s:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5s:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5t:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5t:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5u:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5u:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.5v:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.5v:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6d:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6d:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6e:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6e:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6f:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6f:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6g:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6g:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6h:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6h:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6i:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6i:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.6j:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.6j:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:*
  • cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*
    cpe:2.3:a:libpng:libpng:1.0.42:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipad2:*
    cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipad2:*
  • cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*
    cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:iphone:*
  • cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipodtouch:*
    cpe:2.3:o:apple:iphone_os:-:*:*:*:*:*:ipodtouch:*
  • cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.0:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.0:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.1:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.1:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.2:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.2:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.1:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.1:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2.1:-:iphone:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2.1:-:iphone:*:*:*:*:*
  • cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*
    cpe:2.3:o:apple:iphone_os:2.2.1:-:ipodtouch:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.2.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.7:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.8:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.9:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.10:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.1:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.2:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.3:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.4:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.6:*:*:*:*:*:*:*
  • cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
    cpe:2.3:o:apple:mac_os_x:10.5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:*
  • cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*
    cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 09-02-2024 - 03:25)
Impact:
Exploitability:
CWE CWE-824
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
  • accepted 2013-04-29T04:04:33.340-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    • comment The operating system installed on the system is Red Hat Enterprise Linux 5
      oval oval:org.mitre.oval:def:11414
    • comment The operating system installed on the system is CentOS Linux 5.x
      oval oval:org.mitre.oval:def:15802
    • comment Oracle Linux 5.x
      oval oval:org.mitre.oval:def:15459
    description The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
    family unix
    id oval:org.mitre.oval:def:10316
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
    version 32
  • accepted 2009-11-09T04:01:02.634-05:00
    class vulnerability
    contributors
    name Michael Wood
    organization Hewlett-Packard
    definition_extensions
    • comment VMWare ESX Server 3.0.3 is installed
      oval oval:org.mitre.oval:def:6026
    • comment VMWare ESX Server 3.0.2 is installed
      oval oval:org.mitre.oval:def:5613
    • comment VMware ESX Server 3.5.0 is installed
      oval oval:org.mitre.oval:def:5887
    description The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
    family unix
    id oval:org.mitre.oval:def:6458
    status accepted
    submitted 2009-09-23T15:39:02.000-04:00
    title Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerability
    version 3
redhat via4
advisories
  • bugzilla
    id 486355
    title CVE-2009-0040 libpng arbitrary free() flaw
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment libpng is earlier than 2:1.2.7-3.el4_7.2
            oval oval:com.redhat.rhsa:tst:20090333001
          • comment libpng is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060205002
        • AND
          • comment libpng-devel is earlier than 2:1.2.7-3.el4_7.2
            oval oval:com.redhat.rhsa:tst:20090333003
          • comment libpng-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060205004
        • AND
          • comment libpng10 is earlier than 0:1.0.16-3.el4_7.3
            oval oval:com.redhat.rhsa:tst:20090333005
          • comment libpng10 is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070356006
        • AND
          • comment libpng10-devel is earlier than 0:1.0.16-3.el4_7.3
            oval oval:com.redhat.rhsa:tst:20090333007
          • comment libpng10-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20070356008
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment libpng is earlier than 2:1.2.10-7.1.el5_3.2
            oval oval:com.redhat.rhsa:tst:20090333010
          • comment libpng is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070356011
        • AND
          • comment libpng-devel is earlier than 2:1.2.10-7.1.el5_3.2
            oval oval:com.redhat.rhsa:tst:20090333012
          • comment libpng-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20070356013
    rhsa
    id RHSA-2009:0333
    released 2009-03-04
    severity Moderate
    title RHSA-2009:0333: libpng security update (Moderate)
  • rhsa
    id RHSA-2009:0315
  • rhsa
    id RHSA-2009:0325
  • rhsa
    id RHSA-2009:0340
rpms
  • firefox-0:3.0.7-1.el4
  • firefox-0:3.0.7-1.el5
  • firefox-debuginfo-0:3.0.7-1.el4
  • firefox-debuginfo-0:3.0.7-1.el5
  • xulrunner-0:1.9.0.7-1.el5
  • xulrunner-debuginfo-0:1.9.0.7-1.el5
  • xulrunner-devel-0:1.9.0.7-1.el5
  • xulrunner-devel-unstable-0:1.9.0.7-1.el5
  • seamonkey-0:1.0.9-0.30.el2
  • seamonkey-0:1.0.9-0.34.el3
  • seamonkey-0:1.0.9-38.el4
  • seamonkey-chat-0:1.0.9-0.30.el2
  • seamonkey-chat-0:1.0.9-0.34.el3
  • seamonkey-chat-0:1.0.9-38.el4
  • seamonkey-debuginfo-0:1.0.9-0.34.el3
  • seamonkey-debuginfo-0:1.0.9-38.el4
  • seamonkey-devel-0:1.0.9-0.30.el2
  • seamonkey-devel-0:1.0.9-0.34.el3
  • seamonkey-devel-0:1.0.9-38.el4
  • seamonkey-dom-inspector-0:1.0.9-0.30.el2
  • seamonkey-dom-inspector-0:1.0.9-0.34.el3
  • seamonkey-dom-inspector-0:1.0.9-38.el4
  • seamonkey-js-debugger-0:1.0.9-0.30.el2
  • seamonkey-js-debugger-0:1.0.9-0.34.el3
  • seamonkey-js-debugger-0:1.0.9-38.el4
  • seamonkey-mail-0:1.0.9-0.30.el2
  • seamonkey-mail-0:1.0.9-0.34.el3
  • seamonkey-mail-0:1.0.9-38.el4
  • seamonkey-nspr-0:1.0.9-0.30.el2
  • seamonkey-nspr-0:1.0.9-0.34.el3
  • seamonkey-nspr-devel-0:1.0.9-0.30.el2
  • seamonkey-nspr-devel-0:1.0.9-0.34.el3
  • seamonkey-nss-0:1.0.9-0.30.el2
  • seamonkey-nss-0:1.0.9-0.34.el3
  • seamonkey-nss-devel-0:1.0.9-0.30.el2
  • seamonkey-nss-devel-0:1.0.9-0.34.el3
  • libpng-2:1.0.14-12
  • libpng-2:1.2.10-7.1.el5_3.2
  • libpng-2:1.2.7-3.el4_7.2
  • libpng-debuginfo-2:1.2.10-7.1.el5_3.2
  • libpng-debuginfo-2:1.2.7-3.el4_7.2
  • libpng-devel-2:1.0.14-12
  • libpng-devel-2:1.2.10-7.1.el5_3.2
  • libpng-devel-2:1.2.7-3.el4_7.2
  • libpng10-0:1.0.16-3.el4_7.3
  • libpng10-debuginfo-0:1.0.16-3.el4_7.3
  • libpng10-devel-0:1.0.16-3.el4_7.3
  • libpng-2:1.2.2-29
  • libpng-debuginfo-2:1.2.2-29
  • libpng-devel-2:1.2.2-29
  • libpng10-0:1.0.13-20
  • libpng10-debuginfo-0:1.0.13-20
  • libpng10-devel-0:1.0.13-20
refmap via4
apple
  • APPLE-SA-2009-05-12
  • APPLE-SA-2009-06-08-1
  • APPLE-SA-2009-06-17-1
  • APPLE-SA-2009-08-05-1
bid
  • 33827
  • 33990
bugtraq
  • 20090312 rPSA-2009-0046-1 libpng
  • 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
  • 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
cert
  • TA09-133A
  • TA09-218A
cert-vn VU#649212
confirm
debian
  • DSA-1750
  • DSA-1830
fedora
  • FEDORA-2009-1976
  • FEDORA-2009-2045
  • FEDORA-2009-2882
  • FEDORA-2009-2884
gentoo
  • GLSA-200903-28
  • GLSA-201209-25
mandriva
  • MDVSA-2009:051
  • MDVSA-2009:075
  • MDVSA-2009:083
mlist
  • [png-mng-implement] 20090219 libpng-1.2.35 and libpng-1.0.43 fix security vulnerability
  • [security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server
secunia
  • 33970
  • 33976
  • 34137
  • 34140
  • 34143
  • 34145
  • 34152
  • 34210
  • 34265
  • 34272
  • 34320
  • 34324
  • 34388
  • 34462
  • 34464
  • 35074
  • 35258
  • 35302
  • 35379
  • 35386
  • 36096
slackware
  • SSA:2009-083-02
  • SSA:2009-083-03
sunalert
  • 1020521
  • 259989
suse
  • SUSE-SA:2009:012
  • SUSE-SA:2009:023
  • SUSE-SR:2009:005
vupen
  • ADV-2009-0469
  • ADV-2009-0473
  • ADV-2009-0632
  • ADV-2009-1297
  • ADV-2009-1451
  • ADV-2009-1462
  • ADV-2009-1522
  • ADV-2009-1560
  • ADV-2009-1621
  • ADV-2009-2172
xf libpng-pointer-arrays-code-execution(48819)
Last major update 09-02-2024 - 03:25
Published 22-02-2009 - 22:30
Last modified 09-02-2024 - 03:25
Back to Top