ID CVE-2009-2042
Summary libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
Vulnerable Configurations
  • libpng 0.89c
    cpe:2.3:a:libpng:libpng:0.89c
  • libpng 0.95
    cpe:2.3:a:libpng:libpng:0.95
  • libpng 1.0.0
    cpe:2.3:a:libpng:libpng:1.0.0
  • libpng 1.0.1
    cpe:2.3:a:libpng:libpng:1.0.1
  • libpng 1.0.10
    cpe:2.3:a:libpng:libpng:1.0.10
  • cpe:2.3:a:libpng:libpng:1.0.10:beta1
    cpe:2.3:a:libpng:libpng:1.0.10:beta1
  • cpe:2.3:a:libpng:libpng:1.0.10:rc1
    cpe:2.3:a:libpng:libpng:1.0.10:rc1
  • libpng 1.0.11
    cpe:2.3:a:libpng:libpng:1.0.11
  • cpe:2.3:a:libpng:libpng:1.0.11:beta1
    cpe:2.3:a:libpng:libpng:1.0.11:beta1
  • libpng 1.0.12
    cpe:2.3:a:libpng:libpng:1.0.12
  • cpe:2.3:a:libpng:libpng:1.0.15:rc1
    cpe:2.3:a:libpng:libpng:1.0.15:rc1
  • cpe:2.3:a:libpng:libpng:1.0.12:rc1
    cpe:2.3:a:libpng:libpng:1.0.12:rc1
  • cpe:2.3:a:libpng:libpng:1.0.12:beta1
    cpe:2.3:a:libpng:libpng:1.0.12:beta1
  • libpng 1.0.15
    cpe:2.3:a:libpng:libpng:1.0.15
  • cpe:2.3:a:libpng:libpng:1.0.11:rc1
    cpe:2.3:a:libpng:libpng:1.0.11:rc1
  • cpe:2.3:a:libpng:libpng:1.0.11:beta3
    cpe:2.3:a:libpng:libpng:1.0.11:beta3
  • libpng 1.0.13
    cpe:2.3:a:libpng:libpng:1.0.13
  • cpe:2.3:a:libpng:libpng:1.0.11:beta2
    cpe:2.3:a:libpng:libpng:1.0.11:beta2
  • libpng 1.0.14
    cpe:2.3:a:libpng:libpng:1.0.14
  • cpe:2.3:a:libpng:libpng:1.0.19:rc2
    cpe:2.3:a:libpng:libpng:1.0.19:rc2
  • cpe:2.3:a:libpng:libpng:1.0.17:rc1
    cpe:2.3:a:libpng:libpng:1.0.17:rc1
  • cpe:2.3:a:libpng:libpng:1.0.19:rc3
    cpe:2.3:a:libpng:libpng:1.0.19:rc3
  • cpe:2.3:a:libpng:libpng:1.0.15:rc3
    cpe:2.3:a:libpng:libpng:1.0.15:rc3
  • cpe:2.3:a:libpng:libpng:1.0.19:rc1
    cpe:2.3:a:libpng:libpng:1.0.19:rc1
  • cpe:2.3:a:libpng:libpng:1.0.15:rc2
    cpe:2.3:a:libpng:libpng:1.0.15:rc2
  • libpng 1.0.16
    cpe:2.3:a:libpng:libpng:1.0.16
  • libpng 1.0.19
    cpe:2.3:a:libpng:libpng:1.0.19
  • libpng 1.0.17
    cpe:2.3:a:libpng:libpng:1.0.17
  • libpng 1.0.18
    cpe:2.3:a:libpng:libpng:1.0.18
  • libpng 1.0.23
    cpe:2.3:a:libpng:libpng:1.0.23
  • libpng 1.0.21
    cpe:2.3:a:libpng:libpng:1.0.21
  • libpng 1.0.22
    cpe:2.3:a:libpng:libpng:1.0.22
  • libpng 1.0.2
    cpe:2.3:a:libpng:libpng:1.0.2
  • cpe:2.3:a:libpng:libpng:1.0.22:rc1
    cpe:2.3:a:libpng:libpng:1.0.22:rc1
  • cpe:2.3:a:libpng:libpng:1.0.23:rc1
    cpe:2.3:a:libpng:libpng:1.0.23:rc1
  • cpe:2.3:a:libpng:libpng:1.0.21:rc1
    cpe:2.3:a:libpng:libpng:1.0.21:rc1
  • libpng 1.0.20
    cpe:2.3:a:libpng:libpng:1.0.20
  • cpe:2.3:a:libpng:libpng:1.0.21:rc2
    cpe:2.3:a:libpng:libpng:1.0.21:rc2
  • cpe:2.3:a:libpng:libpng:1.0.19:rc5
    cpe:2.3:a:libpng:libpng:1.0.19:rc5
  • libpng 1.2.19
    cpe:2.3:a:libpng:libpng:1.2.19
  • cpe:2.3:a:libpng:libpng:1.2.1:beta4
    cpe:2.3:a:libpng:libpng:1.2.1:beta4
  • libpng 1.2.18
    cpe:2.3:a:libpng:libpng:1.2.18
  • cpe:2.3:a:libpng:libpng:1.2.1:beta3
    cpe:2.3:a:libpng:libpng:1.2.1:beta3
  • cpe:2.3:a:libpng:libpng:1.2.1:beta2
    cpe:2.3:a:libpng:libpng:1.2.1:beta2
  • cpe:2.3:a:libpng:libpng:1.2.1:beta1
    cpe:2.3:a:libpng:libpng:1.2.1:beta1
  • libpng 1.2.15
    cpe:2.3:a:libpng:libpng:1.2.15
  • cpe:2.3:a:libpng:libpng:1.2.1:rc2
    cpe:2.3:a:libpng:libpng:1.2.1:rc2
  • libpng 1.2.14
    cpe:2.3:a:libpng:libpng:1.2.14
  • cpe:2.3:a:libpng:libpng:1.2.1:rc1
    cpe:2.3:a:libpng:libpng:1.2.1:rc1
  • libpng 1.2.17
    cpe:2.3:a:libpng:libpng:1.2.17
  • libpng 1.2.16
    cpe:2.3:a:libpng:libpng:1.2.16
  • libpng 1.2.1
    cpe:2.3:a:libpng:libpng:1.2.1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta17
    cpe:2.3:a:libpng:libpng:1.2.19:beta17
  • libpng 1.2.0
    cpe:2.3:a:libpng:libpng:1.2.0
  • cpe:2.3:a:libpng:libpng:1.2.19:beta18
    cpe:2.3:a:libpng:libpng:1.2.19:beta18
  • libpng 1.2.10
    cpe:2.3:a:libpng:libpng:1.2.10
  • libpng 1.2.11
    cpe:2.3:a:libpng:libpng:1.2.11
  • libpng 1.2.13
    cpe:2.3:a:libpng:libpng:1.2.13
  • cpe:2.3:a:libpng:libpng:1.2.19:beta1
    cpe:2.3:a:libpng:libpng:1.2.19:beta1
  • cpe:2.3:a:libpng:libpng:1.2.0:beta1
    cpe:2.3:a:libpng:libpng:1.2.0:beta1
  • cpe:2.3:a:libpng:libpng:1.2.0:beta5
    cpe:2.3:a:libpng:libpng:1.2.0:beta5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta10
    cpe:2.3:a:libpng:libpng:1.2.19:beta10
  • cpe:2.3:a:libpng:libpng:1.2.0:beta4
    cpe:2.3:a:libpng:libpng:1.2.0:beta4
  • cpe:2.3:a:libpng:libpng:1.2.0:beta3
    cpe:2.3:a:libpng:libpng:1.2.0:beta3
  • cpe:2.3:a:libpng:libpng:1.2.19:beta12
    cpe:2.3:a:libpng:libpng:1.2.19:beta12
  • cpe:2.3:a:libpng:libpng:1.2.0:beta2
    cpe:2.3:a:libpng:libpng:1.2.0:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta11
    cpe:2.3:a:libpng:libpng:1.2.19:beta11
  • cpe:2.3:a:libpng:libpng:1.2.10:beta3
    cpe:2.3:a:libpng:libpng:1.2.10:beta3
  • cpe:2.3:a:libpng:libpng:1.2.19:beta14
    cpe:2.3:a:libpng:libpng:1.2.19:beta14
  • cpe:2.3:a:libpng:libpng:1.2.10:beta2
    cpe:2.3:a:libpng:libpng:1.2.10:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta13
    cpe:2.3:a:libpng:libpng:1.2.19:beta13
  • cpe:2.3:a:libpng:libpng:1.2.10:beta1
    cpe:2.3:a:libpng:libpng:1.2.10:beta1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta16
    cpe:2.3:a:libpng:libpng:1.2.19:beta16
  • cpe:2.3:a:libpng:libpng:1.2.0:rc1
    cpe:2.3:a:libpng:libpng:1.2.0:rc1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta15
    cpe:2.3:a:libpng:libpng:1.2.19:beta15
  • cpe:2.3:a:libpng:libpng:1.0.8:beta4
    cpe:2.3:a:libpng:libpng:1.0.8:beta4
  • cpe:2.3:a:libpng:libpng:1.0.9:rc1
    cpe:2.3:a:libpng:libpng:1.0.9:rc1
  • cpe:2.3:a:libpng:libpng:1.2.16:beta1
    cpe:2.3:a:libpng:libpng:1.2.16:beta1
  • cpe:2.3:a:libpng:libpng:1.0.8:beta2
    cpe:2.3:a:libpng:libpng:1.0.8:beta2
  • cpe:2.3:a:libpng:libpng:1.2.16:rc1
    cpe:2.3:a:libpng:libpng:1.2.16:rc1
  • cpe:2.3:a:libpng:libpng:1.0.8:beta3
    cpe:2.3:a:libpng:libpng:1.0.8:beta3
  • cpe:2.3:a:libpng:libpng:1.2.16:beta2
    cpe:2.3:a:libpng:libpng:1.2.16:beta2
  • cpe:2.3:a:libpng:libpng:1.0.9:beta2
    cpe:2.3:a:libpng:libpng:1.0.9:beta2
  • cpe:2.3:a:libpng:libpng:1.2.17:beta1
    cpe:2.3:a:libpng:libpng:1.2.17:beta1
  • cpe:2.3:a:libpng:libpng:1.0.9:beta3
    cpe:2.3:a:libpng:libpng:1.0.9:beta3
  • cpe:2.3:a:libpng:libpng:1.2.17:beta2
    cpe:2.3:a:libpng:libpng:1.2.17:beta2
  • cpe:2.3:a:libpng:libpng:1.0.9:rc2
    cpe:2.3:a:libpng:libpng:1.0.9:rc2
  • cpe:2.3:a:libpng:libpng:1.2.17:rc1
    cpe:2.3:a:libpng:libpng:1.2.17:rc1
  • cpe:2.3:a:libpng:libpng:1.0.9:beta1
    cpe:2.3:a:libpng:libpng:1.0.9:beta1
  • cpe:2.3:a:libpng:libpng:1.2.17:rc2
    cpe:2.3:a:libpng:libpng:1.2.17:rc2
  • cpe:2.3:a:libpng:libpng:1.0.9:beta6
    cpe:2.3:a:libpng:libpng:1.0.9:beta6
  • cpe:2.3:a:libpng:libpng:1.2.17:rc3
    cpe:2.3:a:libpng:libpng:1.2.17:rc3
  • cpe:2.3:a:libpng:libpng:1.0.9:beta7
    cpe:2.3:a:libpng:libpng:1.0.9:beta7
  • cpe:2.3:a:libpng:libpng:1.2.17:rc4
    cpe:2.3:a:libpng:libpng:1.2.17:rc4
  • cpe:2.3:a:libpng:libpng:1.0.9:beta4
    cpe:2.3:a:libpng:libpng:1.0.9:beta4
  • cpe:2.3:a:libpng:libpng:1.0.9:beta5
    cpe:2.3:a:libpng:libpng:1.0.9:beta5
  • cpe:2.3:a:libpng:libpng:1.0.9:beta10
    cpe:2.3:a:libpng:libpng:1.0.9:beta10
  • cpe:2.3:a:libpng:libpng:1.0.9:beta8
    cpe:2.3:a:libpng:libpng:1.0.9:beta8
  • cpe:2.3:a:libpng:libpng:1.0.9:beta9
    cpe:2.3:a:libpng:libpng:1.0.9:beta9
  • cpe:2.3:a:libpng:libpng:1.2.14:beta1
    cpe:2.3:a:libpng:libpng:1.2.14:beta1
  • cpe:2.3:a:libpng:libpng:1.2.14:rc1
    cpe:2.3:a:libpng:libpng:1.2.14:rc1
  • cpe:2.3:a:libpng:libpng:1.2.13:rc2
    cpe:2.3:a:libpng:libpng:1.2.13:rc2
  • cpe:2.3:a:libpng:libpng:1.2.13:rc1
    cpe:2.3:a:libpng:libpng:1.2.13:rc1
  • cpe:2.3:a:libpng:libpng:1.0.7:rc2
    cpe:2.3:a:libpng:libpng:1.0.7:rc2
  • cpe:2.3:a:libpng:libpng:1.2.15:beta3
    cpe:2.3:a:libpng:libpng:1.2.15:beta3
  • cpe:2.3:a:libpng:libpng:1.0.7:rc1
    cpe:2.3:a:libpng:libpng:1.0.7:rc1
  • cpe:2.3:a:libpng:libpng:1.2.15:beta2
    cpe:2.3:a:libpng:libpng:1.2.15:beta2
  • cpe:2.3:a:libpng:libpng:1.2.15:beta1
    cpe:2.3:a:libpng:libpng:1.2.15:beta1
  • cpe:2.3:a:libpng:libpng:1.2.14:beta2
    cpe:2.3:a:libpng:libpng:1.2.14:beta2
  • cpe:2.3:a:libpng:libpng:1.2.15:rc1
    cpe:2.3:a:libpng:libpng:1.2.15:rc1
  • cpe:2.3:a:libpng:libpng:1.2.15:beta6
    cpe:2.3:a:libpng:libpng:1.2.15:beta6
  • cpe:2.3:a:libpng:libpng:1.2.15:beta5
    cpe:2.3:a:libpng:libpng:1.2.15:beta5
  • cpe:2.3:a:libpng:libpng:1.2.15:beta4
    cpe:2.3:a:libpng:libpng:1.2.15:beta4
  • cpe:2.3:a:libpng:libpng:1.0.7:beta18
    cpe:2.3:a:libpng:libpng:1.0.7:beta18
  • cpe:2.3:a:libpng:libpng:1.2.15:rc5
    cpe:2.3:a:libpng:libpng:1.2.15:rc5
  • cpe:2.3:a:libpng:libpng:1.0.7:beta17
    cpe:2.3:a:libpng:libpng:1.0.7:beta17
  • cpe:2.3:a:libpng:libpng:1.2.15:rc4
    cpe:2.3:a:libpng:libpng:1.2.15:rc4
  • cpe:2.3:a:libpng:libpng:1.0.8:beta1
    cpe:2.3:a:libpng:libpng:1.0.8:beta1
  • cpe:2.3:a:libpng:libpng:1.2.15:rc3
    cpe:2.3:a:libpng:libpng:1.2.15:rc3
  • cpe:2.3:a:libpng:libpng:1.0.8:rc1
    cpe:2.3:a:libpng:libpng:1.0.8:rc1
  • cpe:2.3:a:libpng:libpng:1.2.15:rc2
    cpe:2.3:a:libpng:libpng:1.2.15:rc2
  • cpe:2.3:a:libpng:libpng:1.2.10:beta6
    cpe:2.3:a:libpng:libpng:1.2.10:beta6
  • cpe:2.3:a:libpng:libpng:1.2.10:beta7
    cpe:2.3:a:libpng:libpng:1.2.10:beta7
  • cpe:2.3:a:libpng:libpng:1.2.10:beta4
    cpe:2.3:a:libpng:libpng:1.2.10:beta4
  • cpe:2.3:a:libpng:libpng:1.2.10:beta5
    cpe:2.3:a:libpng:libpng:1.2.10:beta5
  • cpe:2.3:a:libpng:libpng:1.2.10:rc3
    cpe:2.3:a:libpng:libpng:1.2.10:rc3
  • cpe:2.3:a:libpng:libpng:1.2.11:beta1
    cpe:2.3:a:libpng:libpng:1.2.11:beta1
  • cpe:2.3:a:libpng:libpng:1.2.10:rc1
    cpe:2.3:a:libpng:libpng:1.2.10:rc1
  • cpe:2.3:a:libpng:libpng:1.2.10:rc2
    cpe:2.3:a:libpng:libpng:1.2.10:rc2
  • cpe:2.3:a:libpng:libpng:1.2.11:beta4
    cpe:2.3:a:libpng:libpng:1.2.11:beta4
  • cpe:2.3:a:libpng:libpng:1.2.11:rc1
    cpe:2.3:a:libpng:libpng:1.2.11:rc1
  • cpe:2.3:a:libpng:libpng:1.2.11:beta2
    cpe:2.3:a:libpng:libpng:1.2.11:beta2
  • cpe:2.3:a:libpng:libpng:1.2.11:beta3
    cpe:2.3:a:libpng:libpng:1.2.11:beta3
  • cpe:2.3:a:libpng:libpng:1.2.11:rc5
    cpe:2.3:a:libpng:libpng:1.2.11:rc5
  • cpe:2.3:a:libpng:libpng:1.2.13:beta1
    cpe:2.3:a:libpng:libpng:1.2.13:beta1
  • cpe:2.3:a:libpng:libpng:1.2.11:rc2
    cpe:2.3:a:libpng:libpng:1.2.11:rc2
  • cpe:2.3:a:libpng:libpng:1.2.11:rc3
    cpe:2.3:a:libpng:libpng:1.2.11:rc3
  • libpng 1.0.9
    cpe:2.3:a:libpng:libpng:1.0.9
  • libpng 1.0.8
    cpe:2.3:a:libpng:libpng:1.0.8
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03
    cpe:2.3:a:libpng:libpng:1.2.23:beta03
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02
    cpe:2.3:a:libpng:libpng:1.2.23:beta02
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05
    cpe:2.3:a:libpng:libpng:1.2.23:beta05
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04
    cpe:2.3:a:libpng:libpng:1.2.23:beta04
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01
    cpe:2.3:a:libpng:libpng:1.2.24:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01
    cpe:2.3:a:libpng:libpng:1.2.23:rc01
  • cpe:2.3:a:libpng:libpng:1.2.21:rc2
    cpe:2.3:a:libpng:libpng:1.2.21:rc2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc3
    cpe:2.3:a:libpng:libpng:1.2.21:rc3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta1
    cpe:2.3:a:libpng:libpng:1.2.22:beta1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2
    cpe:2.3:a:libpng:libpng:1.2.22:beta2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc6
    cpe:2.3:a:libpng:libpng:1.2.20:rc6
  • cpe:2.3:a:libpng:libpng:1.2.21:beta1
    cpe:2.3:a:libpng:libpng:1.2.21:beta1
  • cpe:2.3:a:libpng:libpng:1.2.21:beta2
    cpe:2.3:a:libpng:libpng:1.2.21:beta2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc1
    cpe:2.3:a:libpng:libpng:1.2.21:rc1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1
    cpe:2.3:a:libpng:libpng:1.2.22:rc1
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01
    cpe:2.3:a:libpng:libpng:1.2.23:beta01
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3
    cpe:2.3:a:libpng:libpng:1.2.22:beta3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4
    cpe:2.3:a:libpng:libpng:1.2.22:beta4
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.20:beta01
    cpe:2.3:a:libpng:libpng:1.2.20:beta01
  • libpng 1.2.23
    cpe:2.3:a:libpng:libpng:1.2.23
  • libpng 1.2.22
    cpe:2.3:a:libpng:libpng:1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.19:beta33
    cpe:2.3:a:libpng:libpng:1.2.19:beta33
  • cpe:2.3:a:libpng:libpng:1.2.20:rc5
    cpe:2.3:a:libpng:libpng:1.2.20:rc5
  • cpe:2.3:a:libpng:libpng:1.2.20:rc4
    cpe:2.3:a:libpng:libpng:1.2.20:rc4
  • cpe:2.3:a:libpng:libpng:1.2.20:rc3
    cpe:2.3:a:libpng:libpng:1.2.20:rc3
  • cpe:2.3:a:libpng:libpng:1.2.20:rc2
    cpe:2.3:a:libpng:libpng:1.2.20:rc2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc1
    cpe:2.3:a:libpng:libpng:1.2.20:rc1
  • libpng 1.2.25
    cpe:2.3:a:libpng:libpng:1.2.25
  • cpe:2.3:a:libpng:libpng:1.2.20:beta04
    cpe:2.3:a:libpng:libpng:1.2.20:beta04
  • libpng 1.2.24
    cpe:2.3:a:libpng:libpng:1.2.24
  • cpe:2.3:a:libpng:libpng:1.2.20:beta03
    cpe:2.3:a:libpng:libpng:1.2.20:beta03
  • cpe:2.3:a:libpng:libpng:1.2.20:beta02
    cpe:2.3:a:libpng:libpng:1.2.20:beta02
  • libpng 1.2.26
    cpe:2.3:a:libpng:libpng:1.2.26
  • cpe:2.3:a:libpng:libpng:1.2.19:beta23
    cpe:2.3:a:libpng:libpng:1.2.19:beta23
  • cpe:2.3:a:libpng:libpng:1.2.19:beta24
    cpe:2.3:a:libpng:libpng:1.2.19:beta24
  • libpng 1.2.2
    cpe:2.3:a:libpng:libpng:1.2.2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta21
    cpe:2.3:a:libpng:libpng:1.2.19:beta21
  • cpe:2.3:a:libpng:libpng:1.2.19:beta22
    cpe:2.3:a:libpng:libpng:1.2.19:beta22
  • cpe:2.3:a:libpng:libpng:1.2.19:beta19
    cpe:2.3:a:libpng:libpng:1.2.19:beta19
  • cpe:2.3:a:libpng:libpng:1.2.19:beta20
    cpe:2.3:a:libpng:libpng:1.2.19:beta20
  • cpe:2.3:a:libpng:libpng:1.2.19:beta31
    cpe:2.3:a:libpng:libpng:1.2.19:beta31
  • cpe:2.3:a:libpng:libpng:1.2.19:beta32
    cpe:2.3:a:libpng:libpng:1.2.19:beta32
  • cpe:2.3:a:libpng:libpng:1.2.19:beta29
    cpe:2.3:a:libpng:libpng:1.2.19:beta29
  • cpe:2.3:a:libpng:libpng:1.2.19:beta30
    cpe:2.3:a:libpng:libpng:1.2.19:beta30
  • cpe:2.3:a:libpng:libpng:1.2.19:beta27
    cpe:2.3:a:libpng:libpng:1.2.19:beta27
  • cpe:2.3:a:libpng:libpng:1.2.19:beta28
    cpe:2.3:a:libpng:libpng:1.2.19:beta28
  • cpe:2.3:a:libpng:libpng:1.2.19:beta25
    cpe:2.3:a:libpng:libpng:1.2.19:beta25
  • cpe:2.3:a:libpng:libpng:1.2.19:beta26
    cpe:2.3:a:libpng:libpng:1.2.19:beta26
  • cpe:2.3:a:libpng:libpng:1.2.19:beta2
    cpe:2.3:a:libpng:libpng:1.2.19:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta4
    cpe:2.3:a:libpng:libpng:1.2.19:beta4
  • cpe:2.3:a:libpng:libpng:1.2.19:beta3
    cpe:2.3:a:libpng:libpng:1.2.19:beta3
  • cpe:2.3:a:libpng:libpng:1.2.19:beta6
    cpe:2.3:a:libpng:libpng:1.2.19:beta6
  • cpe:2.3:a:libpng:libpng:1.2.19:beta5
    cpe:2.3:a:libpng:libpng:1.2.19:beta5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta8
    cpe:2.3:a:libpng:libpng:1.2.19:beta8
  • cpe:2.3:a:libpng:libpng:1.2.19:beta7
    cpe:2.3:a:libpng:libpng:1.2.19:beta7
  • cpe:2.3:a:libpng:libpng:1.2.19:beta9
    cpe:2.3:a:libpng:libpng:1.2.19:beta9
  • cpe:2.3:a:libpng:libpng:1.2.19:rc1
    cpe:2.3:a:libpng:libpng:1.2.19:rc1
  • cpe:2.3:a:libpng:libpng:1.2.19:rc2
    cpe:2.3:a:libpng:libpng:1.2.19:rc2
  • cpe:2.3:a:libpng:libpng:1.2.19:rc3
    cpe:2.3:a:libpng:libpng:1.2.19:rc3
  • cpe:2.3:a:libpng:libpng:1.2.19:rc4
    cpe:2.3:a:libpng:libpng:1.2.19:rc4
  • cpe:2.3:a:libpng:libpng:1.2.19:rc5
    cpe:2.3:a:libpng:libpng:1.2.19:rc5
  • cpe:2.3:a:libpng:libpng:1.2.19:rc6
    cpe:2.3:a:libpng:libpng:1.2.19:rc6
  • libpng 1.2.21
    cpe:2.3:a:libpng:libpng:1.2.21
  • libpng 1.2.20
    cpe:2.3:a:libpng:libpng:1.2.20
  • cpe:2.3:a:libpng:libpng:1.2.2:rc1
    cpe:2.3:a:libpng:libpng:1.2.2:rc1
  • cpe:2.3:a:libpng:libpng:1.2.2:beta1
    cpe:2.3:a:libpng:libpng:1.2.2:beta1
  • cpe:2.3:a:libpng:libpng:1.2.2:beta2
    cpe:2.3:a:libpng:libpng:1.2.2:beta2
  • cpe:2.3:a:libpng:libpng:1.2.2:beta5
    cpe:2.3:a:libpng:libpng:1.2.2:beta5
  • cpe:2.3:a:libpng:libpng:1.2.2:beta6
    cpe:2.3:a:libpng:libpng:1.2.2:beta6
  • cpe:2.3:a:libpng:libpng:1.2.2:beta3
    cpe:2.3:a:libpng:libpng:1.2.2:beta3
  • cpe:2.3:a:libpng:libpng:1.2.2:beta4
    cpe:2.3:a:libpng:libpng:1.2.2:beta4
  • cpe:2.3:a:libpng:libpng:1.2.26:beta01
    cpe:2.3:a:libpng:libpng:1.2.26:beta01
  • cpe:2.3:a:libpng:libpng:1.2.25:rc02
    cpe:2.3:a:libpng:libpng:1.2.25:rc02
  • cpe:2.3:a:libpng:libpng:1.2.25:rc01
    cpe:2.3:a:libpng:libpng:1.2.25:rc01
  • cpe:2.3:a:libpng:libpng:1.2.25:beta06
    cpe:2.3:a:libpng:libpng:1.2.25:beta06
  • cpe:2.3:a:libpng:libpng:1.2.26:beta04
    cpe:2.3:a:libpng:libpng:1.2.26:beta04
  • cpe:2.3:a:libpng:libpng:1.2.26:beta03
    cpe:2.3:a:libpng:libpng:1.2.26:beta03
  • cpe:2.3:a:libpng:libpng:1.2.26:beta02
    cpe:2.3:a:libpng:libpng:1.2.26:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta01
    cpe:2.3:a:libpng:libpng:1.2.25:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01
    cpe:2.3:a:libpng:libpng:1.2.24:rc01
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03
    cpe:2.3:a:libpng:libpng:1.2.24:beta03
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02
    cpe:2.3:a:libpng:libpng:1.2.24:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta05
    cpe:2.3:a:libpng:libpng:1.2.25:beta05
  • cpe:2.3:a:libpng:libpng:1.2.25:beta04
    cpe:2.3:a:libpng:libpng:1.2.25:beta04
  • cpe:2.3:a:libpng:libpng:1.2.25:beta03
    cpe:2.3:a:libpng:libpng:1.2.25:beta03
  • cpe:2.3:a:libpng:libpng:1.2.25:beta02
    cpe:2.3:a:libpng:libpng:1.2.25:beta02
  • cpe:2.3:a:libpng:libpng:1.2.26:beta05
    cpe:2.3:a:libpng:libpng:1.2.26:beta05
  • cpe:2.3:a:libpng:libpng:1.2.26:rc01
    cpe:2.3:a:libpng:libpng:1.2.26:rc01
  • libpng 1.2.3
    cpe:2.3:a:libpng:libpng:1.2.3
  • cpe:2.3:a:libpng:libpng:1.2.3:rc3
    cpe:2.3:a:libpng:libpng:1.2.3:rc3
  • cpe:2.3:a:libpng:libpng:1.2.3:rc6
    cpe:2.3:a:libpng:libpng:1.2.3:rc6
  • libpng 1.2.30
    cpe:2.3:a:libpng:libpng:1.2.30
  • libpng 1.2.31
    cpe:2.3:a:libpng:libpng:1.2.31
  • libpng 1.2.33
    cpe:2.3:a:libpng:libpng:1.2.33
  • libpng 1.2.34
    cpe:2.3:a:libpng:libpng:1.2.34
  • libpng 1.2.35
    cpe:2.3:a:libpng:libpng:1.2.35
CVSS
Base: 4.3 (as of 15-06-2009 - 11:14)
CWE CWE-200
CAPEC
  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a program's vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of JavaScript to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via JavaScript as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in JavaScript and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
  • Reusing Session IDs (aka Session Replay)
    This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.
  • Using Slashes in Alternate Encoding
    This attack targets the encoding of the slash characters. An attacker would try to exploit common filtering problems related to the use of the slash characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) choose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The schizophrenic result is that many MS-based systems are required to understand both forms of the slash. This gives the attacker many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.
Access
Vector: NETWORK
Complexity: MEDIUM
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
Nessus
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBPNG-6326.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-01
    modified 2012-05-17
    plugin id 41549
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41549
    title SuSE 10 Security Update : libpng (ZYPP Patch Number 6326)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12444.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-01
    modified 2012-04-23
    plugin id 41308
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41308
    title SuSE9 Security Update : libpng (YOU Patch Number 12444)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-5977.NASL
    description Fix libpng vulnerability (RHBZ#504782). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2015-10-21
    plugin id 39397
    published 2009-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39397
    title Fedora 11 : mingw32-libpng-1.2.37-1.fc11 (2009-5977)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200906-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-200906-01 (libpng: Information disclosure) Jeff Phillips discovered that libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file. Impact : A remote attacker might entice a user to open a specially crafted PNG file, possibly resulting in the disclosure of sensitive memory portions. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-11
    plugin id 39561
    published 2009-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39561
    title GLSA-200906-01 : libpng: Information disclosure
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2009-170-01.NASL
    description New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. Jeff Phillips discovered an uninitialized-memory-read bug affecting interlaced images that may have security implications.
    last seen 2019-01-16
    modified 2018-06-27
    plugin id 39472
    published 2009-06-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39472
    title Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2009-170-01)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBPNG-6324.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-02
    modified 2014-06-13
    plugin id 42016
    published 2009-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=42016
    title openSUSE 10 Security Update : libpng (libpng-6324)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-08 (Multiple packages, Multiple vulnerabilities fixed in 2010) Vulnerabilities have been discovered in the packages listed below. Please review the CVE identifiers in the Reference section for details. Insight, Perl Tk Module, Source-Navigator, Tk, Partimage, Mlmmj, acl, Xinit, gzip, ncompress, liblzw, splashutils, GNU M4, KDE Display Manager, GTK+, KGet, dvipng, Beanstalk, Policy Mount, pam_krb5, GNU gv, LFTP, Uzbl, Slim, Bitdefender Console, iputils, DVBStreamer. Impact : A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, cause Denial of Service, obtain sensitive information, or otherwise bypass security restrictions. Workaround : There are no known workarounds at this time.
    last seen 2019-01-16
    modified 2018-12-05
    plugin id 79961
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79961
    title GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBPNG-DEVEL-090624.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-02
    modified 2014-06-13
    plugin id 40266
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40266
    title openSUSE Security Update : libpng-devel (libpng-devel-1046)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPNG-DEVEL-090624.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-01
    modified 2013-10-25
    plugin id 41426
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41426
    title SuSE 11 Security Update : libpng (SAT Patch Number 1039)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-063.NASL
    description Multiple vulnerabilities have been found and corrected in libpng : libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via out-of-bounds pixels in the file (CVE-2009-2042). The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a decompression bomb attack (CVE-2010-0205). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 45124
    published 2010-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45124
    title Mandriva Linux Security Advisory : libpng (MDVSA-2010:063)
  • NASL family VMware ESX Local Security Checks
    NASL id VMWARE_VMSA-2010-0007.NASL
    description a. Windows-based VMware Tools Unsafe Library Loading vulnerability A vulnerability in the way VMware libraries are referenced allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems. In order for an attacker to exploit the vulnerability, the attacker would need to lure the user that is logged on a Windows Guest Operating System to click on the attacker's file on a network share. This file could be in any file format. The attacker will need to have the ability to host their malicious files on a network share. VMware would like to thank Jure Skofic and Mitja Kolsek of ACROS Security (http://www.acrossecurity.com) for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1141 to this issue. Steps needed to remediate this vulnerability : Guest systems on VMware Workstation, Player, ACE, Server, Fusion - Install the remediated version of Workstation, Player, ACE, Server and Fusion. - Upgrade tools in the virtual machine (virtual machine users will be prompted to upgrade). Guest systems on ESX 4.0, 3.5, 3.0.3, 2.5.5, ESXi 4.0, 3.5 - Install the relevant patches (see below for patch identifiers) - Manually upgrade tools in the virtual machine (virtual machine users will not be prompted to upgrade). Note the VI Client will not show the VMware tools is out of date in the summary tab. Please see http://tinyurl.com/27mpjo page 80 for details. b. Windows-based VMware Tools Arbitrary Code Execution vulnerability A vulnerability in the way VMware executables are loaded allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems. In order for an attacker to exploit the vulnerability, the attacker would need to be able to plant their malicious executable in a certain location on the Virtual Machine of the user. 
On most recent versions of Windows (XP, Vista) the attacker would need to have administrator privileges to plant the malicious executable in the right location. Steps needed to remediate this vulnerability: See section 3.a. VMware would like to thank Mitja Kolsek of ACROS Security (http://www.acrossecurity.com) for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1142 to this issue. Refer to the previous table in section 3.a for what action remediates the vulnerability (column 4) if a solution is available. See above for remediation details. c. Windows-based VMware Workstation and Player host privilege escalation A vulnerability in the USB service allows for a privilege escalation. A local attacker on the host of a Windows-based Operating System where VMware Workstation or VMware Player is installed could plant a malicious executable on the host and elevate their privileges. In order for an attacker to exploit the vulnerability, the attacker would need to be able to plant their malicious executable in a certain location on the host machine. On most recent versions of Windows (XP, Vista) the attacker would need to have administrator privileges to plant the malicious executable in the right location. VMware would like to thank Thierry Zoller for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1140 to this issue. d. Third-party library update for libpng to version 1.2.37 The libpng libraries through 1.2.35 contain an uninitialized-memory-read bug that may have security implications. Specifically, 1-bit (2-color) interlaced images whose widths are not divisible by 8 may result in several uninitialized bits at the end of certain rows in certain interlace passes being returned to the user.
An application that failed to mask these out-of-bounds pixels might display or process them, albeit presumably with benign results in most cases. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-2042 to this issue. e. VMware VMnc Codec heap overflow vulnerabilities The VMware movie decoder contains the VMnc media codec that is required to play back movies recorded with VMware Workstation, VMware Player and VMware ACE, in any compatible media player. The movie decoder is installed as part of VMware Workstation, VMware Player and VMware ACE, or can be downloaded as a stand alone package. Vulnerabilities in the decoder allow for execution of arbitrary code with the privileges of the user running an application utilizing the vulnerable codec. For an attack to be successful the user must be tricked into visiting a malicious web page or opening a malicious video file on a system that has the vulnerable version of the VMnc codec installed. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2009-1564 and CVE-2009-1565 to these issues. VMware would like to thank iDefense, Sebastien Renaud of VUPEN Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop of Secunia Research for reporting these issues to us. To remediate the above issues either install the stand alone movie decoder or update your product using the table below. f. VMware Remote Console format string vulnerability VMware Remote Console (VMrc) contains a format string vulnerability. Exploitation of this issue may lead to arbitrary code execution on the system where VMrc is installed. For an attack to be successful, an attacker would need to trick the VMrc user into opening a malicious Web page or following a malicious URL. Code execution would be at the privilege level of the user. VMrc is present on a system if the VMrc browser plug-in has been installed. 
This plug-in is required when using the console feature in WebAccess. Installation of the plug-in follows after visiting the console tab in WebAccess and choosing 'Install plug-in'. The plug-in can only be installed on Internet Explorer and Firefox. Under the following two conditions your version of VMrc is likely to be affected : - the VMrc plug-in was obtained from vCenter 4.0 or from ESX 4.0 without patch ESX400-200911223-UG and - VMrc is installed on a Windows-based system The following steps allow you to determine if you have an affected version of VMrc installed : - Locate the VMrc executable vmware-vmrc.exe on your Windows-based system - Right click and go to Properties - Go to the tab 'Versions' - Click 'File Version' in the 'Item Name' window - If the 'Value' window shows 'e.x.p build-158248', the version of VMrc is affected Remediation of this issue on Windows-based systems requires the following steps (Linux-based systems are not affected) : - Uninstall affected versions of VMrc from the systems where the VMrc plug-in has been installed (use the Windows Add/Remove Programs interface) - Install vCenter 4.0 Update 1 or install the ESX 4.0 patch ESX400-200911223-UG - Login into vCenter 4.0 Update 1 or ESX 4.0 with patch ESX400-200911223-UG using WebAccess on the system where the VMrc needs to be re-installed - Re-install VMrc by going to the console tab in WebAccess. The Console tab is selectable after selecting a virtual machine. Note: the VMrc plug-in for Firefox on Windows-based operating systems is no longer compatible after the above remediation steps. Users are advised to use the Internet Explorer VMrc plug-in. VMware would like to thank Alexey Sintsov from Digital Security Research Group for reporting this issue to us. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2009-3732 to this issue. g.
Windows-based VMware authd remote denial of service A vulnerability in vmware-authd could cause a denial of service condition on Windows-based hosts. The denial of service is limited to a crash of authd. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-3707 to this issue. h. Potential information leak via hosted networking stack A vulnerability in the virtual networking stack of VMware hosted products could allow host information disclosure. A guest operating system could send memory from the host vmware-vmx process to the virtual network adapter and potentially to the host's physical Ethernet wire. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-1138 to this issue. VMware would like to thank Johann MacDonagh for reporting this issue to us. i. Linux-based vmrun format string vulnerability A format string vulnerability in vmrun could allow arbitrary code execution. If a vmrun command is issued and processes are listed, code could be executed in the context of the user listing the processes. The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2010-1139 to this issue. VMware would like to thank Thomas Toth-Steiner for reporting this issue to us.
    last seen 2019-01-16
    modified 2018-08-06
    plugin id 56246
    published 2011-09-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=56246
    title VMSA-2010-0007 : VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBPNG-DEVEL-090624.NASL
    description This update of libpng improves the parsing of 1-bit interlaced images. This bug could be abused to use 'out-of-bounds pixels' to read memory. (CVE-2009-2042)
    last seen 2018-09-01
    modified 2014-06-13
    plugin id 40040
    published 2009-07-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=40040
    title openSUSE Security Update : libpng-devel (libpng-devel-1046)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2009-6400.NASL
    description Fix libpng vulnerability (RHBZ#504782). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2015-10-21
    plugin id 39405
    published 2009-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=39405
    title Fedora 10 : mingw32-libpng-1.2.37-1.fc10 (2009-6400)
  • NASL family Windows
    NASL id VMWARE_MULTIPLE_VMSA_2010_0007.NASL
    description A VMware product (Player, Workstation, or Movie Decoder) detected on the remote host has one or more of the following vulnerabilities : - The VMnc media codec has multiple heap overflow vulnerabilities. A remote attacker could exploit these issues by tricking a user into requesting a malicious web page or opening a malicious file. (CVE-2009-1564, CVE-2009-1565) - A flaw in the 3rd party libpng library could allow an attacker to read sensitive portions of memory. (CVE-2009-2042) - A flaw in vmware-authd could lead to a denial of service on Windows-based hosts. (CVE-2009-3707) - A format string vulnerability exists in the VMware Remote Console Plug-in. A remote attacker could exploit this by tricking a user into requesting a malicious web page, resulting in arbitrary code execution. (CVE-2009-3732) - A flaw in the virtual networking stack could result in an information leak, causing memory from a guest VM to be sent to host's physical network. (CVE-2010-1138) - A vulnerability in the USB service allows a local attacker to elevate privileges by placing a malicious file in a certain location. This vulnerability only affects Workstation and Player installed on Windows. (CVE-2010-1140) - A flaw in the way VMware libraries are referenced could allow a remote attacker to execute arbitrary code in a guest Windows VM by tricking a user into requesting a malicious file. (CVE-2010-1141) - A flaw in the way VMware executables are loaded could allow a malicious user to execute arbitrary code in a guest Windows VM by planting a malicious file in a certain location. (CVE-2010-1142)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 45541
    published 2010-04-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45541
    title VMware Products Multiple Vulnerabilities (VMSA-2010-0007)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100714_LIBPNG_ON_SL3_X.NASL
    description A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. (CVE-2009-2042) All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2019-01-02
    plugin id 60816
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60816
    title Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2032.NASL
    description Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2042 libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via 'out-of-bounds pixels' in the file. - CVE-2010-0205 libpng does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 45480
    published 2010-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45480
    title Debian DSA-2032-1 : libpng - several vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2010-002.NASL
    description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-002 applied. This security update contains fixes for the following products : - AppKit - Application Firewall - AFP Server - Apache - ClamAV - CoreTypes - CUPS - curl - Cyrus IMAP - Cyrus SASL - Disk Images - Directory Services - Event Monitor - FreeRADIUS - FTP Server - iChat Server - Image RAW - Libsystem - Mail - Mailman - OS Services - Password Server - perl - PHP - PS Normalizer - Ruby - Server Admin - SMB - Tomcat - unzip - vim - Wiki Server - X11 - xar
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 45373
    published 2010-03-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45373
    title Mac OS X Multiple Vulnerabilities (Security Update 2010-002)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0534.NASL
    description Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. 
(CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 47741
    published 2010-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47741
    title CentOS 3 / 4 / 5 : libpng / libpng10 (CESA-2010:0534)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0534.NASL
    description Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. 
(CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-11-28
    plugin id 47876
    published 2010-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47876
    title RHEL 3 / 4 / 5 : libpng (RHSA-2010:0534)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0534.NASL
    description From Red Hat Security Advisory 2010:0534 : Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. 
(CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 68063
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68063
    title Oracle Linux 3 / 4 / 5 : libpng (ELSA-2010-0534)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-913-1.NASL
    description It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042) It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-0205). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-11-28
    plugin id 45080
    published 2010-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45080
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : libpng vulnerabilities (USN-913-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_3.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.3. Mac OS X 10.6.3 contains security fixes for the following products : - AFP Server - Apache - CoreAudio - CoreMedia - CoreTypes - CUPS - DesktopServices - Disk Images - Directory Services - Dovecot - Event Monitor - FreeRADIUS - FTP Server - iChat Server - ImageIO - Image RAW - Libsystem - Mail - MySQL - OS Services - Password Server - PHP - Podcast Producer - Preferences - PS Normalizer - QuickTime - Ruby - Server Admin - SMB - Tomcat - Wiki Server - X11
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 45372
    published 2010-03-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45372
    title Mac OS X 10.6.x < 10.6.3 Multiple Vulnerabilities
redhat via4
rpms
  • libpng-2:1.2.2-30
  • libpng-devel-2:1.2.2-30
  • libpng10-0:1.0.13-21
  • libpng10-devel-0:1.0.13-21
  • libpng-2:1.2.7-3.el4_8.3
  • libpng-devel-2:1.2.7-3.el4_8.3
  • libpng10-0:1.0.16-3.el4_8.4
  • libpng10-devel-0:1.0.16-3.el4_8.4
  • libpng-2:1.2.10-7.1.el5_5.3
  • libpng-devel-2:1.2.10-7.1.el5_5.3
refmap via4
apple APPLE-SA-2010-03-29-1
bid 35233
bugtraq 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
confirm
debian DSA-2032
fedora
  • FEDORA-2009-5977
  • FEDORA-2009-6400
fulldisc 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
gentoo GLSA-200906-01
mandriva MDVSA-2010:063
mlist [security-announce] 20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
secunia
  • 35346
  • 35470
  • 35524
  • 35594
  • 39206
  • 39215
  • 39251
slackware SSA:2009-170-01
ubuntu USN-913-1
vupen
  • ADV-2009-1510
  • ADV-2010-0637
  • ADV-2010-0682
  • ADV-2010-0847
xf libpng-interlaced-image-info-disclosure(50966)
statements via4
contributor Mark J Cox
lastmodified 2010-07-14
organization Red Hat
statement This issue has been addressed in Red Hat Enterprise Linux 3, 4, and 5 via https://rhn.redhat.com/errata/RHSA-2010-0534.html.
Last major update 12-05-2010 - 01:41
Published 12-06-2009 - 16:30
Last modified 16-08-2017 - 21:30