ID CVE-2010-0205
Summary The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
References
Vulnerable Configurations
  • cpe:2.3:a:libpng:libpng:1.0.25:rc2
    cpe:2.3:a:libpng:libpng:1.0.25:rc2
  • cpe:2.3:a:libpng:libpng:1.0.25:rc1
    cpe:2.3:a:libpng:libpng:1.0.25:rc1
  • cpe:2.3:a:libpng:libpng:1.0.24:rc1
    cpe:2.3:a:libpng:libpng:1.0.24:rc1
  • cpe:2.3:a:libpng:libpng:1.0.23:rc5
    cpe:2.3:a:libpng:libpng:1.0.23:rc5
  • cpe:2.3:a:libpng:libpng:1.0.23:rc4
    cpe:2.3:a:libpng:libpng:1.0.23:rc4
  • cpe:2.3:a:libpng:libpng:1.0.23:rc3
    cpe:2.3:a:libpng:libpng:1.0.23:rc3
  • cpe:2.3:a:libpng:libpng:1.0.23:rc2
    cpe:2.3:a:libpng:libpng:1.0.23:rc2
  • cpe:2.3:a:libpng:libpng:1.0.28:rc2
    cpe:2.3:a:libpng:libpng:1.0.28:rc2
  • cpe:2.3:a:libpng:libpng:1.0.27:rc6
    cpe:2.3:a:libpng:libpng:1.0.27:rc6
  • cpe:2.3:a:libpng:libpng:1.0.27:rc5
    cpe:2.3:a:libpng:libpng:1.0.27:rc5
  • cpe:2.3:a:libpng:libpng:1.0.27:rc4
    cpe:2.3:a:libpng:libpng:1.0.27:rc4
  • cpe:2.3:a:libpng:libpng:1.0.27:rc3
    cpe:2.3:a:libpng:libpng:1.0.27:rc3
  • cpe:2.3:a:libpng:libpng:1.0.27:rc2
    cpe:2.3:a:libpng:libpng:1.0.27:rc2
  • cpe:2.3:a:libpng:libpng:1.0.27:rc1
    cpe:2.3:a:libpng:libpng:1.0.27:rc1
  • cpe:2.3:a:libpng:libpng:1.0.19:rc3
    cpe:2.3:a:libpng:libpng:1.0.19:rc3
  • cpe:2.3:a:libpng:libpng:1.0.15:rc3
    cpe:2.3:a:libpng:libpng:1.0.15:rc3
  • cpe:2.3:a:libpng:libpng:1.0.19:rc1
    cpe:2.3:a:libpng:libpng:1.0.19:rc1
  • cpe:2.3:a:libpng:libpng:1.0.15:rc1
    cpe:2.3:a:libpng:libpng:1.0.15:rc1
  • cpe:2.3:a:libpng:libpng:1.0.15:rc2
    cpe:2.3:a:libpng:libpng:1.0.15:rc2
  • cpe:2.3:a:libpng:libpng:1.0.12:rc1
    cpe:2.3:a:libpng:libpng:1.0.12:rc1
  • cpe:2.3:a:libpng:libpng:1.0.12:beta1
    cpe:2.3:a:libpng:libpng:1.0.12:beta1
  • cpe:2.3:a:libpng:libpng:1.0.22:rc1
    cpe:2.3:a:libpng:libpng:1.0.22:rc1
  • cpe:2.3:a:libpng:libpng:1.0.23:rc1
    cpe:2.3:a:libpng:libpng:1.0.23:rc1
  • cpe:2.3:a:libpng:libpng:1.0.21:rc1
    cpe:2.3:a:libpng:libpng:1.0.21:rc1
  • cpe:2.3:a:libpng:libpng:1.0.21:rc2
    cpe:2.3:a:libpng:libpng:1.0.21:rc2
  • cpe:2.3:a:libpng:libpng:1.0.19:rc5
    cpe:2.3:a:libpng:libpng:1.0.19:rc5
  • cpe:2.3:a:libpng:libpng:1.0.11:beta1
    cpe:2.3:a:libpng:libpng:1.0.11:beta1
  • cpe:2.3:a:libpng:libpng:1.0.11:rc1
    cpe:2.3:a:libpng:libpng:1.0.11:rc1
  • cpe:2.3:a:libpng:libpng:1.0.11:beta3
    cpe:2.3:a:libpng:libpng:1.0.11:beta3
  • libpng 1.0.0
    cpe:2.3:a:libpng:libpng:1.0.0
  • cpe:2.3:a:libpng:libpng:1.0.11:beta2
    cpe:2.3:a:libpng:libpng:1.0.11:beta2
  • libpng 1.0.42
    cpe:2.3:a:libpng:libpng:1.0.42
  • cpe:2.3:a:libpng:libpng:1.0.17:rc1
    cpe:2.3:a:libpng:libpng:1.0.17:rc1
  • libpng 1.0.2
    cpe:2.3:a:libpng:libpng:1.0.2
  • libpng 1.0.30
    cpe:2.3:a:libpng:libpng:1.0.30
  • libpng 1.0.1
    cpe:2.3:a:libpng:libpng:1.0.1
  • libpng 1.0.31
    cpe:2.3:a:libpng:libpng:1.0.31
  • libpng 1.0.32
    cpe:2.3:a:libpng:libpng:1.0.32
  • libpng 1.0.5
    cpe:2.3:a:libpng:libpng:1.0.5
  • libpng 1.0.3
    cpe:2.3:a:libpng:libpng:1.0.3
  • cpe:2.3:a:libpng:libpng:1.0.6:h
    cpe:2.3:a:libpng:libpng:1.0.6:h
  • cpe:2.3:a:libpng:libpng:1.0.6:g
    cpe:2.3:a:libpng:libpng:1.0.6:g
  • cpe:2.3:a:libpng:libpng:1.0.6:j
    cpe:2.3:a:libpng:libpng:1.0.6:j
  • cpe:2.3:a:libpng:libpng:1.0.6:i
    cpe:2.3:a:libpng:libpng:1.0.6:i
  • cpe:2.3:a:libpng:libpng:1.0.7:rc1
    cpe:2.3:a:libpng:libpng:1.0.7:rc1
  • cpe:2.3:a:libpng:libpng:1.0.7:beta12
    cpe:2.3:a:libpng:libpng:1.0.7:beta12
  • cpe:2.3:a:libpng:libpng:1.0.7:beta11
    cpe:2.3:a:libpng:libpng:1.0.7:beta11
  • cpe:2.3:a:libpng:libpng:1.0.7:beta14
    cpe:2.3:a:libpng:libpng:1.0.7:beta14
  • cpe:2.3:a:libpng:libpng:1.0.7:beta13
    cpe:2.3:a:libpng:libpng:1.0.7:beta13
  • cpe:2.3:a:libpng:libpng:1.0.7:beta16
    cpe:2.3:a:libpng:libpng:1.0.7:beta16
  • cpe:2.3:a:libpng:libpng:1.0.7:beta15
    cpe:2.3:a:libpng:libpng:1.0.7:beta15
  • cpe:2.3:a:libpng:libpng:1.0.7:beta18
    cpe:2.3:a:libpng:libpng:1.0.7:beta18
  • cpe:2.3:a:libpng:libpng:1.0.7:beta17
    cpe:2.3:a:libpng:libpng:1.0.7:beta17
  • cpe:2.3:a:libpng:libpng:1.0.28:rc3
    cpe:2.3:a:libpng:libpng:1.0.28:rc3
  • cpe:2.3:a:libpng:libpng:1.0.28:rc4
    cpe:2.3:a:libpng:libpng:1.0.28:rc4
  • cpe:2.3:a:libpng:libpng:1.0.28:rc5
    cpe:2.3:a:libpng:libpng:1.0.28:rc5
  • cpe:2.3:a:libpng:libpng:1.0.28:rc6
    cpe:2.3:a:libpng:libpng:1.0.28:rc6
  • cpe:2.3:a:libpng:libpng:1.0.29:beta1
    cpe:2.3:a:libpng:libpng:1.0.29:beta1
  • cpe:2.3:a:libpng:libpng:1.0.29:rc1
    cpe:2.3:a:libpng:libpng:1.0.29:rc1
  • cpe:2.3:a:libpng:libpng:1.0.29:rc2
    cpe:2.3:a:libpng:libpng:1.0.29:rc2
  • cpe:2.3:a:libpng:libpng:1.0.29:rc3
    cpe:2.3:a:libpng:libpng:1.0.29:rc3
  • cpe:2.3:a:libpng:libpng:1.0.30:rc1
    cpe:2.3:a:libpng:libpng:1.0.30:rc1
  • cpe:2.3:a:libpng:libpng:1.0.31:rc01
    cpe:2.3:a:libpng:libpng:1.0.31:rc01
  • cpe:2.3:a:libpng:libpng:1.0.6:a
    cpe:2.3:a:libpng:libpng:1.0.6:a
  • cpe:2.3:a:libpng:libpng:1.0.6:d
    cpe:2.3:a:libpng:libpng:1.0.6:d
  • cpe:2.3:a:libpng:libpng:1.0.6:e
    cpe:2.3:a:libpng:libpng:1.0.6:e
  • cpe:2.3:a:libpng:libpng:1.0.6:f
    cpe:2.3:a:libpng:libpng:1.0.6:f
  • libpng 1.0.23
    cpe:2.3:a:libpng:libpng:1.0.23
  • libpng 1.0.24
    cpe:2.3:a:libpng:libpng:1.0.24
  • libpng 1.0.21
    cpe:2.3:a:libpng:libpng:1.0.21
  • libpng 1.0.22
    cpe:2.3:a:libpng:libpng:1.0.22
  • libpng 1.0.27
    cpe:2.3:a:libpng:libpng:1.0.27
  • libpng 1.0.29
    cpe:2.3:a:libpng:libpng:1.0.29
  • libpng 1.0.25
    cpe:2.3:a:libpng:libpng:1.0.25
  • libpng 1.0.26
    cpe:2.3:a:libpng:libpng:1.0.26
  • libpng 1.0.15
    cpe:2.3:a:libpng:libpng:1.0.15
  • libpng 1.0.39
    cpe:2.3:a:libpng:libpng:1.0.39
  • libpng 1.0.16
    cpe:2.3:a:libpng:libpng:1.0.16
  • libpng 1.0.40
    cpe:2.3:a:libpng:libpng:1.0.40
  • libpng 1.0.13
    cpe:2.3:a:libpng:libpng:1.0.13
  • libpng 1.0.37
    cpe:2.3:a:libpng:libpng:1.0.37
  • libpng 1.0.14
    cpe:2.3:a:libpng:libpng:1.0.14
  • libpng 1.0.38
    cpe:2.3:a:libpng:libpng:1.0.38
  • libpng 1.0.19
    cpe:2.3:a:libpng:libpng:1.0.19
  • libpng 1.0.34
    cpe:2.3:a:libpng:libpng:1.0.34
  • libpng 1.0.20
    cpe:2.3:a:libpng:libpng:1.0.20
  • libpng 1.0.35
    cpe:2.3:a:libpng:libpng:1.0.35
  • libpng 1.0.17
    cpe:2.3:a:libpng:libpng:1.0.17
  • libpng 1.0.18
    cpe:2.3:a:libpng:libpng:1.0.18
  • libpng 1.0.33
    cpe:2.3:a:libpng:libpng:1.0.33
  • libpng 1.0.7
    cpe:2.3:a:libpng:libpng:1.0.7
  • cpe:2.3:a:libpng:libpng:1.0.10:beta1
    cpe:2.3:a:libpng:libpng:1.0.10:beta1
  • cpe:2.3:a:libpng:libpng:1.0.10:rc1
    cpe:2.3:a:libpng:libpng:1.0.10:rc1
  • libpng 1.0.10
    cpe:2.3:a:libpng:libpng:1.0.10
  • libpng 1.0.28
    cpe:2.3:a:libpng:libpng:1.0.28
  • libpng 1.0.12
    cpe:2.3:a:libpng:libpng:1.0.12
  • libpng 1.0.11
    cpe:2.3:a:libpng:libpng:1.0.11
  • libpng 1.0.41
    cpe:2.3:a:libpng:libpng:1.0.41
  • libpng 1.0.6
    cpe:2.3:a:libpng:libpng:1.0.6
  • cpe:2.3:a:libpng:libpng:1.0.8:beta4
    cpe:2.3:a:libpng:libpng:1.0.8:beta4
  • cpe:2.3:a:libpng:libpng:1.0.9:rc1
    cpe:2.3:a:libpng:libpng:1.0.9:rc1
  • cpe:2.3:a:libpng:libpng:1.0.8:beta2
    cpe:2.3:a:libpng:libpng:1.0.8:beta2
  • cpe:2.3:a:libpng:libpng:1.0.8:beta3
    cpe:2.3:a:libpng:libpng:1.0.8:beta3
  • cpe:2.3:a:libpng:libpng:1.0.9:beta2
    cpe:2.3:a:libpng:libpng:1.0.9:beta2
  • cpe:2.3:a:libpng:libpng:1.0.9:beta3
    cpe:2.3:a:libpng:libpng:1.0.9:beta3
  • cpe:2.3:a:libpng:libpng:1.0.9:rc2
    cpe:2.3:a:libpng:libpng:1.0.9:rc2
  • cpe:2.3:a:libpng:libpng:1.0.9:beta1
    cpe:2.3:a:libpng:libpng:1.0.9:beta1
  • cpe:2.3:a:libpng:libpng:1.0.9:beta6
    cpe:2.3:a:libpng:libpng:1.0.9:beta6
  • cpe:2.3:a:libpng:libpng:1.0.9:beta7
    cpe:2.3:a:libpng:libpng:1.0.9:beta7
  • cpe:2.3:a:libpng:libpng:1.0.9:beta4
    cpe:2.3:a:libpng:libpng:1.0.9:beta4
  • cpe:2.3:a:libpng:libpng:1.0.9:beta5
    cpe:2.3:a:libpng:libpng:1.0.9:beta5
  • cpe:2.3:a:libpng:libpng:1.0.9:beta10
    cpe:2.3:a:libpng:libpng:1.0.9:beta10
  • cpe:2.3:a:libpng:libpng:1.0.9:beta8
    cpe:2.3:a:libpng:libpng:1.0.9:beta8
  • cpe:2.3:a:libpng:libpng:1.0.9:beta9
    cpe:2.3:a:libpng:libpng:1.0.9:beta9
  • cpe:2.3:a:libpng:libpng:1.0.7:rc2
    cpe:2.3:a:libpng:libpng:1.0.7:rc2
  • cpe:2.3:a:libpng:libpng:1.0.8:beta1
    cpe:2.3:a:libpng:libpng:1.0.8:beta1
  • cpe:2.3:a:libpng:libpng:1.0.8:rc1
    cpe:2.3:a:libpng:libpng:1.0.8:rc1
  • libpng 1.0.9
    cpe:2.3:a:libpng:libpng:1.0.9
  • libpng 1.0.8
    cpe:2.3:a:libpng:libpng:1.0.8
  • cpe:2.3:a:libpng:libpng:1.0.19:rc2
    cpe:2.3:a:libpng:libpng:1.0.19:rc2
  • libpng 1.2.19
    cpe:2.3:a:libpng:libpng:1.2.19
  • cpe:2.3:a:libpng:libpng:1.2.1:beta4
    cpe:2.3:a:libpng:libpng:1.2.1:beta4
  • libpng 1.2.18
    cpe:2.3:a:libpng:libpng:1.2.18
  • cpe:2.3:a:libpng:libpng:1.2.1:beta3
    cpe:2.3:a:libpng:libpng:1.2.1:beta3
  • cpe:2.3:a:libpng:libpng:1.2.1:beta2
    cpe:2.3:a:libpng:libpng:1.2.1:beta2
  • cpe:2.3:a:libpng:libpng:1.2.1:beta1
    cpe:2.3:a:libpng:libpng:1.2.1:beta1
  • libpng 1.2.15
    cpe:2.3:a:libpng:libpng:1.2.15
  • cpe:2.3:a:libpng:libpng:1.2.1:rc2
    cpe:2.3:a:libpng:libpng:1.2.1:rc2
  • libpng 1.2.14
    cpe:2.3:a:libpng:libpng:1.2.14
  • cpe:2.3:a:libpng:libpng:1.2.1:rc1
    cpe:2.3:a:libpng:libpng:1.2.1:rc1
  • libpng 1.2.17
    cpe:2.3:a:libpng:libpng:1.2.17
  • libpng 1.2.16
    cpe:2.3:a:libpng:libpng:1.2.16
  • cpe:2.3:a:libpng:libpng:1.2.19:beta33
    cpe:2.3:a:libpng:libpng:1.2.19:beta33
  • libpng 1.2.1
    cpe:2.3:a:libpng:libpng:1.2.1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta23
    cpe:2.3:a:libpng:libpng:1.2.19:beta23
  • cpe:2.3:a:libpng:libpng:1.2.19:beta24
    cpe:2.3:a:libpng:libpng:1.2.19:beta24
  • cpe:2.3:a:libpng:libpng:1.2.19:beta21
    cpe:2.3:a:libpng:libpng:1.2.19:beta21
  • cpe:2.3:a:libpng:libpng:1.2.19:beta22
    cpe:2.3:a:libpng:libpng:1.2.19:beta22
  • cpe:2.3:a:libpng:libpng:1.2.19:beta19
    cpe:2.3:a:libpng:libpng:1.2.19:beta19
  • cpe:2.3:a:libpng:libpng:1.2.19:beta20
    cpe:2.3:a:libpng:libpng:1.2.19:beta20
  • cpe:2.3:a:libpng:libpng:1.2.19:beta17
    cpe:2.3:a:libpng:libpng:1.2.19:beta17
  • libpng 1.2.0
    cpe:2.3:a:libpng:libpng:1.2.0
  • cpe:2.3:a:libpng:libpng:1.2.19:beta18
    cpe:2.3:a:libpng:libpng:1.2.19:beta18
  • cpe:2.3:a:libpng:libpng:1.2.19:beta31
    cpe:2.3:a:libpng:libpng:1.2.19:beta31
  • libpng 1.2.10
    cpe:2.3:a:libpng:libpng:1.2.10
  • cpe:2.3:a:libpng:libpng:1.2.19:beta32
    cpe:2.3:a:libpng:libpng:1.2.19:beta32
  • libpng 1.2.11
    cpe:2.3:a:libpng:libpng:1.2.11
  • cpe:2.3:a:libpng:libpng:1.2.19:beta29
    cpe:2.3:a:libpng:libpng:1.2.19:beta29
  • libpng 1.2.13
    cpe:2.3:a:libpng:libpng:1.2.13
  • cpe:2.3:a:libpng:libpng:1.2.19:beta30
    cpe:2.3:a:libpng:libpng:1.2.19:beta30
  • cpe:2.3:a:libpng:libpng:1.2.19:beta27
    cpe:2.3:a:libpng:libpng:1.2.19:beta27
  • cpe:2.3:a:libpng:libpng:1.2.19:beta28
    cpe:2.3:a:libpng:libpng:1.2.19:beta28
  • cpe:2.3:a:libpng:libpng:1.2.19:beta25
    cpe:2.3:a:libpng:libpng:1.2.19:beta25
  • cpe:2.3:a:libpng:libpng:1.2.19:beta26
    cpe:2.3:a:libpng:libpng:1.2.19:beta26
  • cpe:2.3:a:libpng:libpng:1.2.19:beta2
    cpe:2.3:a:libpng:libpng:1.2.19:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta1
    cpe:2.3:a:libpng:libpng:1.2.19:beta1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta4
    cpe:2.3:a:libpng:libpng:1.2.19:beta4
  • cpe:2.3:a:libpng:libpng:1.2.19:beta3
    cpe:2.3:a:libpng:libpng:1.2.19:beta3
  • cpe:2.3:a:libpng:libpng:1.2.0:beta1
    cpe:2.3:a:libpng:libpng:1.2.0:beta1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta6
    cpe:2.3:a:libpng:libpng:1.2.19:beta6
  • cpe:2.3:a:libpng:libpng:1.2.19:beta5
    cpe:2.3:a:libpng:libpng:1.2.19:beta5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta8
    cpe:2.3:a:libpng:libpng:1.2.19:beta8
  • cpe:2.3:a:libpng:libpng:1.2.19:beta7
    cpe:2.3:a:libpng:libpng:1.2.19:beta7
  • cpe:2.3:a:libpng:libpng:1.2.0:beta5
    cpe:2.3:a:libpng:libpng:1.2.0:beta5
  • cpe:2.3:a:libpng:libpng:1.2.19:beta10
    cpe:2.3:a:libpng:libpng:1.2.19:beta10
  • cpe:2.3:a:libpng:libpng:1.2.0:beta4
    cpe:2.3:a:libpng:libpng:1.2.0:beta4
  • cpe:2.3:a:libpng:libpng:1.2.19:beta9
    cpe:2.3:a:libpng:libpng:1.2.19:beta9
  • cpe:2.3:a:libpng:libpng:1.2.0:beta3
    cpe:2.3:a:libpng:libpng:1.2.0:beta3
  • cpe:2.3:a:libpng:libpng:1.2.19:beta12
    cpe:2.3:a:libpng:libpng:1.2.19:beta12
  • cpe:2.3:a:libpng:libpng:1.2.0:beta2
    cpe:2.3:a:libpng:libpng:1.2.0:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta11
    cpe:2.3:a:libpng:libpng:1.2.19:beta11
  • cpe:2.3:a:libpng:libpng:1.2.10:beta3
    cpe:2.3:a:libpng:libpng:1.2.10:beta3
  • cpe:2.3:a:libpng:libpng:1.2.19:beta14
    cpe:2.3:a:libpng:libpng:1.2.19:beta14
  • cpe:2.3:a:libpng:libpng:1.2.10:beta2
    cpe:2.3:a:libpng:libpng:1.2.10:beta2
  • cpe:2.3:a:libpng:libpng:1.2.19:beta13
    cpe:2.3:a:libpng:libpng:1.2.19:beta13
  • cpe:2.3:a:libpng:libpng:1.2.10:beta1
    cpe:2.3:a:libpng:libpng:1.2.10:beta1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta16
    cpe:2.3:a:libpng:libpng:1.2.19:beta16
  • cpe:2.3:a:libpng:libpng:1.2.0:rc1
    cpe:2.3:a:libpng:libpng:1.2.0:rc1
  • cpe:2.3:a:libpng:libpng:1.2.19:beta15
    cpe:2.3:a:libpng:libpng:1.2.19:beta15
  • cpe:2.3:a:libpng:libpng:1.2.16:beta1
    cpe:2.3:a:libpng:libpng:1.2.16:beta1
  • cpe:2.3:a:libpng:libpng:1.2.16:rc1
    cpe:2.3:a:libpng:libpng:1.2.16:rc1
  • cpe:2.3:a:libpng:libpng:1.2.16:beta2
    cpe:2.3:a:libpng:libpng:1.2.16:beta2
  • cpe:2.3:a:libpng:libpng:1.2.17:beta1
    cpe:2.3:a:libpng:libpng:1.2.17:beta1
  • cpe:2.3:a:libpng:libpng:1.2.17:beta2
    cpe:2.3:a:libpng:libpng:1.2.17:beta2
  • cpe:2.3:a:libpng:libpng:1.2.17:rc1
    cpe:2.3:a:libpng:libpng:1.2.17:rc1
  • cpe:2.3:a:libpng:libpng:1.2.17:rc2
    cpe:2.3:a:libpng:libpng:1.2.17:rc2
  • cpe:2.3:a:libpng:libpng:1.2.17:rc3
    cpe:2.3:a:libpng:libpng:1.2.17:rc3
  • cpe:2.3:a:libpng:libpng:1.2.17:rc4
    cpe:2.3:a:libpng:libpng:1.2.17:rc4
  • cpe:2.3:a:libpng:libpng:1.2.14:beta1
    cpe:2.3:a:libpng:libpng:1.2.14:beta1
  • cpe:2.3:a:libpng:libpng:1.2.14:rc1
    cpe:2.3:a:libpng:libpng:1.2.14:rc1
  • cpe:2.3:a:libpng:libpng:1.2.13:rc2
    cpe:2.3:a:libpng:libpng:1.2.13:rc2
  • cpe:2.3:a:libpng:libpng:1.2.13:rc1
    cpe:2.3:a:libpng:libpng:1.2.13:rc1
  • cpe:2.3:a:libpng:libpng:1.2.15:beta3
    cpe:2.3:a:libpng:libpng:1.2.15:beta3
  • cpe:2.3:a:libpng:libpng:1.2.15:beta2
    cpe:2.3:a:libpng:libpng:1.2.15:beta2
  • cpe:2.3:a:libpng:libpng:1.2.15:beta1
    cpe:2.3:a:libpng:libpng:1.2.15:beta1
  • cpe:2.3:a:libpng:libpng:1.2.14:beta2
    cpe:2.3:a:libpng:libpng:1.2.14:beta2
  • cpe:2.3:a:libpng:libpng:1.2.15:rc1
    cpe:2.3:a:libpng:libpng:1.2.15:rc1
  • cpe:2.3:a:libpng:libpng:1.2.15:beta6
    cpe:2.3:a:libpng:libpng:1.2.15:beta6
  • cpe:2.3:a:libpng:libpng:1.2.15:beta5
    cpe:2.3:a:libpng:libpng:1.2.15:beta5
  • cpe:2.3:a:libpng:libpng:1.2.15:beta4
    cpe:2.3:a:libpng:libpng:1.2.15:beta4
  • cpe:2.3:a:libpng:libpng:1.2.15:rc5
    cpe:2.3:a:libpng:libpng:1.2.15:rc5
  • cpe:2.3:a:libpng:libpng:1.2.15:rc4
    cpe:2.3:a:libpng:libpng:1.2.15:rc4
  • cpe:2.3:a:libpng:libpng:1.2.15:rc3
    cpe:2.3:a:libpng:libpng:1.2.15:rc3
  • cpe:2.3:a:libpng:libpng:1.2.15:rc2
    cpe:2.3:a:libpng:libpng:1.2.15:rc2
  • cpe:2.3:a:libpng:libpng:1.2.10:beta6
    cpe:2.3:a:libpng:libpng:1.2.10:beta6
  • cpe:2.3:a:libpng:libpng:1.2.10:beta7
    cpe:2.3:a:libpng:libpng:1.2.10:beta7
  • cpe:2.3:a:libpng:libpng:1.2.10:beta4
    cpe:2.3:a:libpng:libpng:1.2.10:beta4
  • cpe:2.3:a:libpng:libpng:1.2.10:beta5
    cpe:2.3:a:libpng:libpng:1.2.10:beta5
  • cpe:2.3:a:libpng:libpng:1.2.10:rc3
    cpe:2.3:a:libpng:libpng:1.2.10:rc3
  • cpe:2.3:a:libpng:libpng:1.2.11:beta1
    cpe:2.3:a:libpng:libpng:1.2.11:beta1
  • cpe:2.3:a:libpng:libpng:1.2.10:rc1
    cpe:2.3:a:libpng:libpng:1.2.10:rc1
  • cpe:2.3:a:libpng:libpng:1.2.10:rc2
    cpe:2.3:a:libpng:libpng:1.2.10:rc2
  • cpe:2.3:a:libpng:libpng:1.2.11:beta4
    cpe:2.3:a:libpng:libpng:1.2.11:beta4
  • cpe:2.3:a:libpng:libpng:1.2.11:rc1
    cpe:2.3:a:libpng:libpng:1.2.11:rc1
  • cpe:2.3:a:libpng:libpng:1.2.11:beta2
    cpe:2.3:a:libpng:libpng:1.2.11:beta2
  • cpe:2.3:a:libpng:libpng:1.2.11:beta3
    cpe:2.3:a:libpng:libpng:1.2.11:beta3
  • cpe:2.3:a:libpng:libpng:1.2.11:rc5
    cpe:2.3:a:libpng:libpng:1.2.11:rc5
  • cpe:2.3:a:libpng:libpng:1.2.13:beta1
    cpe:2.3:a:libpng:libpng:1.2.13:beta1
  • cpe:2.3:a:libpng:libpng:1.2.11:rc2
    cpe:2.3:a:libpng:libpng:1.2.11:rc2
  • cpe:2.3:a:libpng:libpng:1.2.11:rc3
    cpe:2.3:a:libpng:libpng:1.2.11:rc3
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta02-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta04-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta03-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta03
    cpe:2.3:a:libpng:libpng:1.2.23:beta03
  • cpe:2.3:a:libpng:libpng:1.2.23:beta02
    cpe:2.3:a:libpng:libpng:1.2.23:beta02
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05
    cpe:2.3:a:libpng:libpng:1.2.23:beta05
  • cpe:2.3:a:libpng:libpng:1.2.23:beta04
    cpe:2.3:a:libpng:libpng:1.2.23:beta04
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta03-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta02-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01
    cpe:2.3:a:libpng:libpng:1.2.24:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:rc01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:rc01-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
    cpe:2.3:a:libpng:libpng:1.2.23:beta05-1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
    cpe:2.3:a:libpng:libpng:1.2.24:beta01-1.2.23
  • cpe:2.3:a:libpng:libpng:1.2.23:rc01
    cpe:2.3:a:libpng:libpng:1.2.23:rc01
  • cpe:2.3:a:libpng:libpng:1.2.21:rc2
    cpe:2.3:a:libpng:libpng:1.2.21:rc2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc3
    cpe:2.3:a:libpng:libpng:1.2.21:rc3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta1
    cpe:2.3:a:libpng:libpng:1.2.22:beta1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2
    cpe:2.3:a:libpng:libpng:1.2.22:beta2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc6
    cpe:2.3:a:libpng:libpng:1.2.20:rc6
  • cpe:2.3:a:libpng:libpng:1.2.21:beta1
    cpe:2.3:a:libpng:libpng:1.2.21:beta1
  • cpe:2.3:a:libpng:libpng:1.2.21:beta2
    cpe:2.3:a:libpng:libpng:1.2.21:beta2
  • cpe:2.3:a:libpng:libpng:1.2.21:rc1
    cpe:2.3:a:libpng:libpng:1.2.21:rc1
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:rc1
    cpe:2.3:a:libpng:libpng:1.2.22:rc1
  • cpe:2.3:a:libpng:libpng:1.2.23:beta01
    cpe:2.3:a:libpng:libpng:1.2.23:beta01
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3
    cpe:2.3:a:libpng:libpng:1.2.22:beta3
  • cpe:2.3:a:libpng:libpng:1.2.22:beta4
    cpe:2.3:a:libpng:libpng:1.2.22:beta4
  • cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
    cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21
  • cpe:2.3:a:libpng:libpng:1.2.20:beta01
    cpe:2.3:a:libpng:libpng:1.2.20:beta01
  • libpng 1.2.23
    cpe:2.3:a:libpng:libpng:1.2.23
  • libpng 1.2.22
    cpe:2.3:a:libpng:libpng:1.2.22
  • cpe:2.3:a:libpng:libpng:1.2.20:rc5
    cpe:2.3:a:libpng:libpng:1.2.20:rc5
  • libpng 1.2.34
    cpe:2.3:a:libpng:libpng:1.2.34
  • cpe:2.3:a:libpng:libpng:1.2.20:rc4
    cpe:2.3:a:libpng:libpng:1.2.20:rc4
  • cpe:2.3:a:libpng:libpng:1.2.20:rc3
    cpe:2.3:a:libpng:libpng:1.2.20:rc3
  • cpe:2.3:a:libpng:libpng:1.2.20:rc2
    cpe:2.3:a:libpng:libpng:1.2.20:rc2
  • cpe:2.3:a:libpng:libpng:1.2.20:rc1
    cpe:2.3:a:libpng:libpng:1.2.20:rc1
  • libpng 1.2.25
    cpe:2.3:a:libpng:libpng:1.2.25
  • cpe:2.3:a:libpng:libpng:1.2.20:beta04
    cpe:2.3:a:libpng:libpng:1.2.20:beta04
  • libpng 1.2.24
    cpe:2.3:a:libpng:libpng:1.2.24
  • cpe:2.3:a:libpng:libpng:1.2.20:beta03
    cpe:2.3:a:libpng:libpng:1.2.20:beta03
  • cpe:2.3:a:libpng:libpng:1.2.20:beta02
    cpe:2.3:a:libpng:libpng:1.2.20:beta02
  • libpng 1.2.26
    cpe:2.3:a:libpng:libpng:1.2.26
  • libpng 1.2.2
    cpe:2.3:a:libpng:libpng:1.2.2
  • libpng 1.2.3
    cpe:2.3:a:libpng:libpng:1.2.3
  • libpng 1.2.4
    cpe:2.3:a:libpng:libpng:1.2.4
  • cpe:2.3:a:libpng:libpng:1.2.19:rc1
    cpe:2.3:a:libpng:libpng:1.2.19:rc1
  • cpe:2.3:a:libpng:libpng:1.2.19:rc2
    cpe:2.3:a:libpng:libpng:1.2.19:rc2
  • cpe:2.3:a:libpng:libpng:1.2.19:rc3
    cpe:2.3:a:libpng:libpng:1.2.19:rc3
  • cpe:2.3:a:libpng:libpng:1.2.19:rc4
    cpe:2.3:a:libpng:libpng:1.2.19:rc4
  • cpe:2.3:a:libpng:libpng:1.2.19:rc5
    cpe:2.3:a:libpng:libpng:1.2.19:rc5
  • cpe:2.3:a:libpng:libpng:1.2.19:rc6
    cpe:2.3:a:libpng:libpng:1.2.19:rc6
  • libpng 1.2.29
    cpe:2.3:a:libpng:libpng:1.2.29
  • libpng 1.2.28
    cpe:2.3:a:libpng:libpng:1.2.28
  • libpng 1.2.31
    cpe:2.3:a:libpng:libpng:1.2.31
  • libpng 1.2.30
    cpe:2.3:a:libpng:libpng:1.2.30
  • libpng 1.2.33
    cpe:2.3:a:libpng:libpng:1.2.33
  • libpng 1.2.32
    cpe:2.3:a:libpng:libpng:1.2.32
  • libpng 1.2.27
    cpe:2.3:a:libpng:libpng:1.2.27
  • cpe:2.3:a:libpng:libpng:1.2.4:beta1
    cpe:2.3:a:libpng:libpng:1.2.4:beta1
  • cpe:2.3:a:libpng:libpng:1.2.4:beta2
    cpe:2.3:a:libpng:libpng:1.2.4:beta2
  • libpng 1.2.21
    cpe:2.3:a:libpng:libpng:1.2.21
  • libpng 1.2.20
    cpe:2.3:a:libpng:libpng:1.2.20
  • cpe:2.3:a:libpng:libpng:1.2.3:rc2
    cpe:2.3:a:libpng:libpng:1.2.3:rc2
  • cpe:2.3:a:libpng:libpng:1.2.3:rc3
    cpe:2.3:a:libpng:libpng:1.2.3:rc3
  • cpe:2.3:a:libpng:libpng:1.2.2:rc1
    cpe:2.3:a:libpng:libpng:1.2.2:rc1
  • cpe:2.3:a:libpng:libpng:1.2.3:rc1
    cpe:2.3:a:libpng:libpng:1.2.3:rc1
  • cpe:2.3:a:libpng:libpng:1.2.3:rc6
    cpe:2.3:a:libpng:libpng:1.2.3:rc6
  • cpe:2.3:a:libpng:libpng:1.2.3:rc4
    cpe:2.3:a:libpng:libpng:1.2.3:rc4
  • cpe:2.3:a:libpng:libpng:1.2.3:rc5
    cpe:2.3:a:libpng:libpng:1.2.3:rc5
  • cpe:2.3:a:libpng:libpng:1.2.2:beta1
    cpe:2.3:a:libpng:libpng:1.2.2:beta1
  • cpe:2.3:a:libpng:libpng:1.2.2:beta2
    cpe:2.3:a:libpng:libpng:1.2.2:beta2
  • cpe:2.3:a:libpng:libpng:1.2.26:beta06
    cpe:2.3:a:libpng:libpng:1.2.26:beta06
  • cpe:2.3:a:libpng:libpng:1.2.26:rc01
    cpe:2.3:a:libpng:libpng:1.2.26:rc01
  • cpe:2.3:a:libpng:libpng:1.2.2:beta5
    cpe:2.3:a:libpng:libpng:1.2.2:beta5
  • cpe:2.3:a:libpng:libpng:1.2.2:beta6
    cpe:2.3:a:libpng:libpng:1.2.2:beta6
  • cpe:2.3:a:libpng:libpng:1.2.2:beta3
    cpe:2.3:a:libpng:libpng:1.2.2:beta3
  • cpe:2.3:a:libpng:libpng:1.2.2:beta4
    cpe:2.3:a:libpng:libpng:1.2.2:beta4
  • cpe:2.3:a:libpng:libpng:1.2.26:beta01
    cpe:2.3:a:libpng:libpng:1.2.26:beta01
  • cpe:2.3:a:libpng:libpng:1.2.25:rc02
    cpe:2.3:a:libpng:libpng:1.2.25:rc02
  • cpe:2.3:a:libpng:libpng:1.2.25:rc01
    cpe:2.3:a:libpng:libpng:1.2.25:rc01
  • cpe:2.3:a:libpng:libpng:1.2.25:beta06
    cpe:2.3:a:libpng:libpng:1.2.25:beta06
  • cpe:2.3:a:libpng:libpng:1.2.26:beta05
    cpe:2.3:a:libpng:libpng:1.2.26:beta05
  • cpe:2.3:a:libpng:libpng:1.2.26:beta04
    cpe:2.3:a:libpng:libpng:1.2.26:beta04
  • cpe:2.3:a:libpng:libpng:1.2.26:beta03
    cpe:2.3:a:libpng:libpng:1.2.26:beta03
  • cpe:2.3:a:libpng:libpng:1.2.26:beta02
    cpe:2.3:a:libpng:libpng:1.2.26:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta01
    cpe:2.3:a:libpng:libpng:1.2.25:beta01
  • cpe:2.3:a:libpng:libpng:1.2.24:rc01
    cpe:2.3:a:libpng:libpng:1.2.24:rc01
  • libpng 1.2.35
    cpe:2.3:a:libpng:libpng:1.2.35
  • cpe:2.3:a:libpng:libpng:1.2.24:beta03
    cpe:2.3:a:libpng:libpng:1.2.24:beta03
  • libpng 1.2.36
    cpe:2.3:a:libpng:libpng:1.2.36
  • cpe:2.3:a:libpng:libpng:1.2.24:beta02
    cpe:2.3:a:libpng:libpng:1.2.24:beta02
  • cpe:2.3:a:libpng:libpng:1.2.25:beta05
    cpe:2.3:a:libpng:libpng:1.2.25:beta05
  • cpe:2.3:a:libpng:libpng:1.2.25:beta04
    cpe:2.3:a:libpng:libpng:1.2.25:beta04
  • cpe:2.3:a:libpng:libpng:1.2.25:beta03
    cpe:2.3:a:libpng:libpng:1.2.25:beta03
  • cpe:2.3:a:libpng:libpng:1.2.25:beta02
    cpe:2.3:a:libpng:libpng:1.2.25:beta02
  • libpng 1.2.9
    cpe:2.3:a:libpng:libpng:1.2.9
  • libpng 1.2.5
    cpe:2.3:a:libpng:libpng:1.2.5
  • libpng 1.2.6
    cpe:2.3:a:libpng:libpng:1.2.6
  • libpng 1.2.7
    cpe:2.3:a:libpng:libpng:1.2.7
  • libpng 1.2.8
    cpe:2.3:a:libpng:libpng:1.2.8
  • cpe:2.3:a:libpng:libpng:1.2.9:beta10
    cpe:2.3:a:libpng:libpng:1.2.9:beta10
  • cpe:2.3:a:libpng:libpng:1.2.9:beta9
    cpe:2.3:a:libpng:libpng:1.2.9:beta9
  • cpe:2.3:a:libpng:libpng:1.2.9:beta8
    cpe:2.3:a:libpng:libpng:1.2.9:beta8
  • cpe:2.3:a:libpng:libpng:1.2.9:beta7
    cpe:2.3:a:libpng:libpng:1.2.9:beta7
  • cpe:2.3:a:libpng:libpng:1.2.9:beta6
    cpe:2.3:a:libpng:libpng:1.2.9:beta6
  • cpe:2.3:a:libpng:libpng:1.2.9:beta5
    cpe:2.3:a:libpng:libpng:1.2.9:beta5
  • cpe:2.3:a:libpng:libpng:1.2.9:beta4
    cpe:2.3:a:libpng:libpng:1.2.9:beta4
  • cpe:2.3:a:libpng:libpng:1.2.9:beta3
    cpe:2.3:a:libpng:libpng:1.2.9:beta3
  • cpe:2.3:a:libpng:libpng:1.2.9:beta2
    cpe:2.3:a:libpng:libpng:1.2.9:beta2
  • cpe:2.3:a:libpng:libpng:1.2.9:beta1
    cpe:2.3:a:libpng:libpng:1.2.9:beta1
  • cpe:2.3:a:libpng:libpng:1.2.9:rc1
    cpe:2.3:a:libpng:libpng:1.2.9:rc1
  • cpe:2.3:a:libpng:libpng:1.2.8:beta3
    cpe:2.3:a:libpng:libpng:1.2.8:beta3
  • cpe:2.3:a:libpng:libpng:1.2.8:beta4
    cpe:2.3:a:libpng:libpng:1.2.8:beta4
  • cpe:2.3:a:libpng:libpng:1.2.8:beta5
    cpe:2.3:a:libpng:libpng:1.2.8:beta5
  • cpe:2.3:a:libpng:libpng:1.2.8:rc1
    cpe:2.3:a:libpng:libpng:1.2.8:rc1
  • cpe:2.3:a:libpng:libpng:1.2.8:rc2
    cpe:2.3:a:libpng:libpng:1.2.8:rc2
  • cpe:2.3:a:libpng:libpng:1.2.8:rc3
    cpe:2.3:a:libpng:libpng:1.2.8:rc3
  • cpe:2.3:a:libpng:libpng:1.2.8:rc4
    cpe:2.3:a:libpng:libpng:1.2.8:rc4
  • cpe:2.3:a:libpng:libpng:1.2.8:rc5
    cpe:2.3:a:libpng:libpng:1.2.8:rc5
  • cpe:2.3:a:libpng:libpng:1.2.6:rc2
    cpe:2.3:a:libpng:libpng:1.2.6:rc2
  • cpe:2.3:a:libpng:libpng:1.2.6:rc3
    cpe:2.3:a:libpng:libpng:1.2.6:rc3
  • cpe:2.3:a:libpng:libpng:1.2.6:rc4
    cpe:2.3:a:libpng:libpng:1.2.6:rc4
  • cpe:2.3:a:libpng:libpng:1.2.6:rc5
    cpe:2.3:a:libpng:libpng:1.2.6:rc5
  • cpe:2.3:a:libpng:libpng:1.2.7:beta1
    cpe:2.3:a:libpng:libpng:1.2.7:beta1
  • cpe:2.3:a:libpng:libpng:1.2.7:beta2
    cpe:2.3:a:libpng:libpng:1.2.7:beta2
  • cpe:2.3:a:libpng:libpng:1.2.8:beta1
    cpe:2.3:a:libpng:libpng:1.2.8:beta1
  • cpe:2.3:a:libpng:libpng:1.2.8:beta2
    cpe:2.3:a:libpng:libpng:1.2.8:beta2
  • cpe:2.3:a:libpng:libpng:1.2.5:rc2
    cpe:2.3:a:libpng:libpng:1.2.5:rc2
  • cpe:2.3:a:libpng:libpng:1.2.5:rc1
    cpe:2.3:a:libpng:libpng:1.2.5:rc1
  • cpe:2.3:a:libpng:libpng:1.2.6:beta1
    cpe:2.3:a:libpng:libpng:1.2.6:beta1
  • cpe:2.3:a:libpng:libpng:1.2.5:rc3
    cpe:2.3:a:libpng:libpng:1.2.5:rc3
  • cpe:2.3:a:libpng:libpng:1.2.6:beta3
    cpe:2.3:a:libpng:libpng:1.2.6:beta3
  • cpe:2.3:a:libpng:libpng:1.2.6:beta2
    cpe:2.3:a:libpng:libpng:1.2.6:beta2
  • cpe:2.3:a:libpng:libpng:1.2.6:rc1
    cpe:2.3:a:libpng:libpng:1.2.6:rc1
  • cpe:2.3:a:libpng:libpng:1.2.6:beta4
    cpe:2.3:a:libpng:libpng:1.2.6:beta4
  • cpe:2.3:a:libpng:libpng:1.2.4:beta3
    cpe:2.3:a:libpng:libpng:1.2.4:beta3
  • cpe:2.3:a:libpng:libpng:1.2.5:beta1
    cpe:2.3:a:libpng:libpng:1.2.5:beta1
  • cpe:2.3:a:libpng:libpng:1.2.4:rc1
    cpe:2.3:a:libpng:libpng:1.2.4:rc1
  • cpe:2.3:a:libpng:libpng:1.2.5:beta3
    cpe:2.3:a:libpng:libpng:1.2.5:beta3
  • cpe:2.3:a:libpng:libpng:1.2.5:beta2
    cpe:2.3:a:libpng:libpng:1.2.5:beta2
  • cpe:2.3:a:libpng:libpng:1.4
    cpe:2.3:a:libpng:libpng:1.4
  • cpe:2.3:a:libpng:libpng:1.4:beta28
    cpe:2.3:a:libpng:libpng:1.4:beta28
  • cpe:2.3:a:libpng:libpng:1.4:beta29
    cpe:2.3:a:libpng:libpng:1.4:beta29
  • cpe:2.3:a:libpng:libpng:1.4:beta26
    cpe:2.3:a:libpng:libpng:1.4:beta26
  • cpe:2.3:a:libpng:libpng:1.4:beta27
    cpe:2.3:a:libpng:libpng:1.4:beta27
  • cpe:2.3:a:libpng:libpng:1.4:beta33
    cpe:2.3:a:libpng:libpng:1.4:beta33
  • cpe:2.3:a:libpng:libpng:1.4:beta30
    cpe:2.3:a:libpng:libpng:1.4:beta30
  • cpe:2.3:a:libpng:libpng:1.4:beta31
    cpe:2.3:a:libpng:libpng:1.4:beta31
  • cpe:2.3:a:libpng:libpng:1.4:beta20
    cpe:2.3:a:libpng:libpng:1.4:beta20
  • cpe:2.3:a:libpng:libpng:1.4:beta25
    cpe:2.3:a:libpng:libpng:1.4:beta25
  • cpe:2.3:a:libpng:libpng:1.4:beta24
    cpe:2.3:a:libpng:libpng:1.4:beta24
  • cpe:2.3:a:libpng:libpng:1.4:beta23
    cpe:2.3:a:libpng:libpng:1.4:beta23
  • cpe:2.3:a:libpng:libpng:1.4.0:beta36
    cpe:2.3:a:libpng:libpng:1.4.0:beta36
  • cpe:2.3:a:libpng:libpng:1.4:beta22
    cpe:2.3:a:libpng:libpng:1.4:beta22
  • cpe:2.3:a:libpng:libpng:1.4:beta19
    cpe:2.3:a:libpng:libpng:1.4:beta19
  • cpe:2.3:a:libpng:libpng:1.4:beta17
    cpe:2.3:a:libpng:libpng:1.4:beta17
  • cpe:2.3:a:libpng:libpng:1.4:beta18
    cpe:2.3:a:libpng:libpng:1.4:beta18
  • cpe:2.3:a:libpng:libpng:1.4:beta15
    cpe:2.3:a:libpng:libpng:1.4:beta15
  • cpe:2.3:a:libpng:libpng:1.4:beta16
    cpe:2.3:a:libpng:libpng:1.4:beta16
  • cpe:2.3:a:libpng:libpng:1.4:beta13
    cpe:2.3:a:libpng:libpng:1.4:beta13
  • cpe:2.3:a:libpng:libpng:1.4:beta14
    cpe:2.3:a:libpng:libpng:1.4:beta14
  • cpe:2.3:a:libpng:libpng:1.4:beta12
    cpe:2.3:a:libpng:libpng:1.4:beta12
  • cpe:2.3:a:libpng:libpng:1.4:beta133
    cpe:2.3:a:libpng:libpng:1.4:beta133
  • cpe:2.3:a:libpng:libpng:1.4:beta10
    cpe:2.3:a:libpng:libpng:1.4:beta10
  • cpe:2.3:a:libpng:libpng:1.4:beta11
    cpe:2.3:a:libpng:libpng:1.4:beta11
  • cpe:2.3:a:libpng:libpng:1.4:beta8
    cpe:2.3:a:libpng:libpng:1.4:beta8
  • cpe:2.3:a:libpng:libpng:1.4:beta9
    cpe:2.3:a:libpng:libpng:1.4:beta9
  • cpe:2.3:a:libpng:libpng:1.4:beta6
    cpe:2.3:a:libpng:libpng:1.4:beta6
  • cpe:2.3:a:libpng:libpng:1.4:beta7
    cpe:2.3:a:libpng:libpng:1.4:beta7
  • cpe:2.3:a:libpng:libpng:1.4:beta5
    cpe:2.3:a:libpng:libpng:1.4:beta5
  • cpe:2.3:a:libpng:libpng:1.4:beta4
    cpe:2.3:a:libpng:libpng:1.4:beta4
  • cpe:2.3:a:libpng:libpng:1.4:beta3
    cpe:2.3:a:libpng:libpng:1.4:beta3
  • cpe:2.3:a:libpng:libpng:1.4:beta2
    cpe:2.3:a:libpng:libpng:1.4:beta2
  • cpe:2.3:a:libpng:libpng:1.4:beta1
    cpe:2.3:a:libpng:libpng:1.4:beta1
  • libpng 1.2.37
    cpe:2.3:a:libpng:libpng:1.2.37
  • cpe:2.3:a:libpng:libpng:1.2.37:beta3
    cpe:2.3:a:libpng:libpng:1.2.37:beta3
  • cpe:2.3:a:libpng:libpng:1.2.37:beta2
    cpe:2.3:a:libpng:libpng:1.2.37:beta2
  • cpe:2.3:a:libpng:libpng:1.2.37:beta1
    cpe:2.3:a:libpng:libpng:1.2.37:beta1
  • cpe:2.3:a:libpng:libpng:1.2.37:rc1
    cpe:2.3:a:libpng:libpng:1.2.37:rc1
  • libpng 1.2.38
    cpe:2.3:a:libpng:libpng:1.2.38
  • cpe:2.3:a:libpng:libpng:1.2.38:rc3
    cpe:2.3:a:libpng:libpng:1.2.38:rc3
  • cpe:2.3:a:libpng:libpng:1.2.38:rc2
    cpe:2.3:a:libpng:libpng:1.2.38:rc2
  • cpe:2.3:a:libpng:libpng:1.2.38:rc1
    cpe:2.3:a:libpng:libpng:1.2.38:rc1
  • cpe:2.3:a:libpng:libpng:1.2.38:beta1
    cpe:2.3:a:libpng:libpng:1.2.38:beta1
  • libpng 1.2.39
    cpe:2.3:a:libpng:libpng:1.2.39
  • cpe:2.3:a:libpng:libpng:1.2.39:rc1
    cpe:2.3:a:libpng:libpng:1.2.39:rc1
  • cpe:2.3:a:libpng:libpng:1.2.39:beta5
    cpe:2.3:a:libpng:libpng:1.2.39:beta5
  • cpe:2.3:a:libpng:libpng:1.2.39:beta4
    cpe:2.3:a:libpng:libpng:1.2.39:beta4
  • cpe:2.3:a:libpng:libpng:1.2.39:beta3
    cpe:2.3:a:libpng:libpng:1.2.39:beta3
  • cpe:2.3:a:libpng:libpng:1.2.39:beta2
    cpe:2.3:a:libpng:libpng:1.2.39:beta2
  • cpe:2.3:a:libpng:libpng:1.2.39:beta1
    cpe:2.3:a:libpng:libpng:1.2.39:beta1
  • libpng 1.2.40
    cpe:2.3:a:libpng:libpng:1.2.40
  • cpe:2.3:a:libpng:libpng:1.2.40:rc1
    cpe:2.3:a:libpng:libpng:1.2.40:rc1
  • cpe:2.3:a:libpng:libpng:1.2.40:beta1
    cpe:2.3:a:libpng:libpng:1.2.40:beta1
  • libpng 1.2.41
    cpe:2.3:a:libpng:libpng:1.2.41
  • cpe:2.3:a:libpng:libpng:1.2.41:rc3
    cpe:2.3:a:libpng:libpng:1.2.41:rc3
  • cpe:2.3:a:libpng:libpng:1.2.41:rc2
    cpe:2.3:a:libpng:libpng:1.2.41:rc2
  • cpe:2.3:a:libpng:libpng:1.2.41:rc1
    cpe:2.3:a:libpng:libpng:1.2.41:rc1
  • cpe:2.3:a:libpng:libpng:1.2.41:beta18
    cpe:2.3:a:libpng:libpng:1.2.41:beta18
  • cpe:2.3:a:libpng:libpng:1.2.41:beta17
    cpe:2.3:a:libpng:libpng:1.2.41:beta17
  • cpe:2.3:a:libpng:libpng:1.2.41:beta16
    cpe:2.3:a:libpng:libpng:1.2.41:beta16
  • cpe:2.3:a:libpng:libpng:1.2.41:beta14
    cpe:2.3:a:libpng:libpng:1.2.41:beta14
  • cpe:2.3:a:libpng:libpng:1.2.41:beta13
    cpe:2.3:a:libpng:libpng:1.2.41:beta13
  • cpe:2.3:a:libpng:libpng:1.2.41:beta12
    cpe:2.3:a:libpng:libpng:1.2.41:beta12
  • cpe:2.3:a:libpng:libpng:1.2.41:beta11
    cpe:2.3:a:libpng:libpng:1.2.41:beta11
  • cpe:2.3:a:libpng:libpng:1.2.41:beta9
    cpe:2.3:a:libpng:libpng:1.2.41:beta9
  • cpe:2.3:a:libpng:libpng:1.2.41:beta8
    cpe:2.3:a:libpng:libpng:1.2.41:beta8
  • cpe:2.3:a:libpng:libpng:1.2.41:beta7
    cpe:2.3:a:libpng:libpng:1.2.41:beta7
  • cpe:2.3:a:libpng:libpng:1.2.41:beta6
    cpe:2.3:a:libpng:libpng:1.2.41:beta6
  • cpe:2.3:a:libpng:libpng:1.2.41:beta5
    cpe:2.3:a:libpng:libpng:1.2.41:beta5
  • cpe:2.3:a:libpng:libpng:1.2.41:beta4
    cpe:2.3:a:libpng:libpng:1.2.41:beta4
  • cpe:2.3:a:libpng:libpng:1.2.41:beta3
    cpe:2.3:a:libpng:libpng:1.2.41:beta3
  • cpe:2.3:a:libpng:libpng:1.2.41:beta2
    cpe:2.3:a:libpng:libpng:1.2.41:beta2
  • cpe:2.3:a:libpng:libpng:1.2.41:beta1
    cpe:2.3:a:libpng:libpng:1.2.41:beta1
  • libpng 1.2.42
    cpe:2.3:a:libpng:libpng:1.2.42
  • cpe:2.3:a:libpng:libpng:1.2.42:rc5
    cpe:2.3:a:libpng:libpng:1.2.42:rc5
  • cpe:2.3:a:libpng:libpng:1.2.42:rc4
    cpe:2.3:a:libpng:libpng:1.2.42:rc4
  • cpe:2.3:a:libpng:libpng:1.2.42:rc3
    cpe:2.3:a:libpng:libpng:1.2.42:rc3
  • cpe:2.3:a:libpng:libpng:1.2.42:rc2
    cpe:2.3:a:libpng:libpng:1.2.42:rc2
  • cpe:2.3:a:libpng:libpng:1.2.42:rc1
    cpe:2.3:a:libpng:libpng:1.2.42:rc1
  • cpe:2.3:a:libpng:libpng:1.2.42:beta2
    cpe:2.3:a:libpng:libpng:1.2.42:beta2
  • cpe:2.3:a:libpng:libpng:1.2.42:beta1
    cpe:2.3:a:libpng:libpng:1.2.42:beta1
  • libpng 1.0.43
    cpe:2.3:a:libpng:libpng:1.0.43
  • libpng 1.0.44
    cpe:2.3:a:libpng:libpng:1.0.44
  • libpng 1.0.45
    cpe:2.3:a:libpng:libpng:1.0.45
  • libpng 1.0.46
    cpe:2.3:a:libpng:libpng:1.0.46
  • libpng 1.0.47
    cpe:2.3:a:libpng:libpng:1.0.47
  • libpng 1.0.48
    cpe:2.3:a:libpng:libpng:1.0.48
  • libpng 1.0.50
    cpe:2.3:a:libpng:libpng:1.0.50
  • libpng 1.0.51
    cpe:2.3:a:libpng:libpng:1.0.51
  • libpng 1.0.52
    cpe:2.3:a:libpng:libpng:1.0.52
CVSS
Base: 7.8 (as of 04-03-2010 - 08:46)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201010-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201010-01 (Libpng: Multiple vulnerabilities) Multiple vulnerabilities were found in libpng: The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205) A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205) A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249) Impact : An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 49771
    published 2010-10-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49771
    title GLSA-201010-01 : Libpng: Multiple vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_10_6_5.NASL
    description The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.5. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache mod_perl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - Image Capture - ImageIO - Image RAW - Kernel - MySQL - neon - Networking - OpenLDAP - OpenSSL - Password Server - PHP - Printing - python - QuickLook - QuickTime - Safari RSS - Time Machine - Wiki Server - X11 - xar
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 50548
    published 2010-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50548
    title Mac OS X 10.6.x < 10.6.5 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_1_LIBPNG-DEVEL-100318.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46355
    published 2010-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46355
    title openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0257-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2010-0534.NASL
    description From Red Hat Security Advisory 2010:0534 : Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. (CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 68063
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68063
    title Oracle Linux 3 / 4 / 5 : libpng (ELSA-2010-0534)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2010-0534.NASL
    description Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. (CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 47876
    published 2010-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47876
    title RHEL 3 / 4 / 5 : libpng (RHSA-2010:0534)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_0_LIBPNG-DEVEL-100318.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46353
    published 2010-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46353
    title openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0257-1)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2010-007.NASL
    description The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-007 applied. This security update contains fixes for the following products : - AFP Server - Apache mod_perl - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services - diskdev_cmds - Disk Images - Flash Player plug-in - gzip - ImageIO - Image RAW - MySQL - Password Server - PHP - Printing - python - QuickLook - Safari RSS - Wiki Server - X11
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 50549
    published 2010-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50549
    title Mac OS X Multiple Vulnerabilities (Security Update 2010-007)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-913-1.NASL
    description It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042) It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-0205). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 45080
    published 2010-03-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45080
    title Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : libpng vulnerabilities (USN-913-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIBPNG-6933.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 49881
    published 2010-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=49881
    title SuSE 10 Security Update : libpng (ZYPP Patch Number 6933)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20100714_LIBPNG_ON_SL3_X.NASL
    description A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. (CVE-2009-2042) All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 60816
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60816
    title Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2010-0534.NASL
    description Updated libpng and libpng10 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A memory corruption flaw was found in the way applications, using the libpng library and its progressive reading method, decoded certain PNG images. An attacker could create a specially crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-1205) A denial of service flaw was found in the way applications using the libpng library decoded PNG images that have certain, highly compressed ancillary chunks. An attacker could create a specially crafted PNG image that could cause an application using libpng to consume excessive amounts of memory and CPU time, and possibly crash. (CVE-2010-0205) A memory leak flaw was found in the way applications using the libpng library decoded PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially crafted PNG image that could cause an application using libpng to exhaust all available memory and possibly crash or exit. (CVE-2010-2249) A sensitive information disclosure flaw was found in the way applications using the libpng library processed 1-bit interlaced PNG images. An attacker could create a specially crafted PNG image that could cause an application using libpng to disclose uninitialized memory. (CVE-2009-2042) Users of libpng and libpng10 should upgrade to these updated packages, which contain backported patches to correct these issues. All running applications using libpng or libpng10 must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 47741
    published 2010-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47741
    title CentOS 3 / 4 / 5 : libpng / libpng10 (CESA-2010:0534)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4673.NASL
    description Update to libpng 1.2.43, includes fix for CVE-2010-0205 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47368
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47368
    title Fedora 12 : libpng-1.2.43-1.fc12 (2010-4673)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-063.NASL
    description Multiple vulnerabilities has been found and corrected in libpng : libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via out-of-bounds pixels in the file (CVE-2009-2042). The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a decompression bomb attack (CVE-2010-0205). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 45124
    published 2010-03-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45124
    title Mandriva Linux Security Advisory : libpng (MDVSA-2010:063)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-3375.NASL
    description This is the latest upstream maintenance release. In addition to a number of minor bugfixes, it mitigates the resource-consumption effects of highly compressed ancillary chunks in hostile PNG files as described at http://libpng.sourceforge.net/ADVISORY-1.4.1.html This issue has been assigned CVE-2010-0205 by CERT. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 47310
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47310
    title Fedora 12 : libpng10-1.0.53-1.fc12 (2010-3375)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPNG12-0-100319.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. (CVE-2010-0205)
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 51621
    published 2011-01-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51621
    title SuSE 11.1 Security Update : libpng12-0 (SAT Patch Number 2473)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-2988.NASL
    description This is the latest upstream maintenance release. In addition to a number of minor bugfixes, it mitigates the resource-consumption effects of highly compressed ancillary chunks in hostile PNG files as described at http://libpng.sourceforge.net/ADVISORY-1.4.1.html This issue has been assigned CVE-2010-0205 by CERT. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 47298
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47298
    title Fedora 13 : libpng10-1.0.53-1.fc13 (2010-2988)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBPNG-DEVEL-100319.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2013-10-25
    plugin id 50940
    published 2010-12-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=50940
    title SuSE 11 Security Update : libpng (SAT Patch Number 2161)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2010-064.NASL
    description A vulnerability has been found and corrected in libpng : The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a decompression bomb attack (CVE-2010-0205). The updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 45136
    published 2010-03-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45136
    title Mandriva Linux Security Advisory : libpng (MDVSA-2010:064)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-3414.NASL
    description This is the latest upstream maintenance release. In addition to a number of minor bugfixes, it mitigates the resource-consumption effects of highly compressed ancillary chunks in hostile PNG files as described at http://libpng.sourceforge.net/ADVISORY-1.4.1.html This issue has been assigned CVE-2010-0205 by CERT. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-24
    plugin id 47312
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47312
    title Fedora 11 : libpng10-1.0.53-1.fc11 (2010-3414)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4616.NASL
    description Update to libpng 1.2.43, includes fix for CVE-2010-0205 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 47367
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47367
    title Fedora 11 : libpng-1.2.43-1.fc11 (2010-4616)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_2_LIBPNG-DEVEL-100318.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 46357
    published 2010-05-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46357
    title openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0257-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2032.NASL
    description Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2042 libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via 'out-of-bounds pixels' in the file. - CVE-2010-0205 libpng does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 45480
    published 2010-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45480
    title Debian DSA-2032-1 : libpng - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_12599.NASL
    description Denial of service while decompressing a highly compressed huge ancillary chunk has been fixed in libpng. CVE-2010-0205 has been assigned.
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 46247
    published 2010-05-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=46247
    title SuSE9 Security Update : libpng (YOU Patch Number 12599)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2010-4683.NASL
    description Update to libpng 1.2.43, includes fix for CVE-2010-0205 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 47370
    published 2010-07-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=47370
    title Fedora 13 : libpng-1.2.43-1.fc13 (2010-4683)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_4FB5D2CD4C7711DF83FB0015587E2CC1.NASL
    description A vulnerability in libpng can result in denial of service conditions when a remote attacker tricks a victim to open a specially crafted PNG file. The PNG project describes the problem in an advisory : Because of the efficient compression method used in Portable Network Graphics (PNG) files, a small PNG file can expand tremendously, acting as a 'decompression bomb'. Malformed PNG chunks can consume a large amount of CPU and wall-clock time and large amounts of memory, up to all memory available on a system
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 45584
    published 2010-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=45584
    title FreeBSD : png -- libpng decompression denial of service (4fb5d2cd-4c77-11df-83fb-0015587e2cc1)
redhat via4
rpms
  • libpng-2:1.2.2-30
  • libpng-devel-2:1.2.2-30
  • libpng10-0:1.0.13-21
  • libpng10-devel-0:1.0.13-21
  • libpng-2:1.2.7-3.el4_8.3
  • libpng-devel-2:1.2.7-3.el4_8.3
  • libpng10-0:1.0.16-3.el4_8.4
  • libpng10-devel-0:1.0.16-3.el4_8.4
  • libpng-2:1.2.10-7.1.el5_5.3
  • libpng-devel-2:1.2.10-7.1.el5_5.3
refmap via4
apple APPLE-SA-2010-11-10-1
bid 38478
cert-vn VU#576029
confirm
debian DSA-2032
fedora
  • FEDORA-2010-2988
  • FEDORA-2010-3375
  • FEDORA-2010-3414
  • FEDORA-2010-4683
mandriva
  • MDVSA-2010:063
  • MDVSA-2010:064
mlist [security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues
osvdb 62670
sectrack 1023674
secunia
  • 38774
  • 39251
  • 41574
suse
  • SUSE-SR:2010:011
  • SUSE-SR:2010:012
  • SUSE-SR:2010:013
ubuntu USN-913-1
vupen
  • ADV-2010-0517
  • ADV-2010-0605
  • ADV-2010-0626
  • ADV-2010-0637
  • ADV-2010-0667
  • ADV-2010-0682
  • ADV-2010-0686
  • ADV-2010-0847
  • ADV-2010-1107
  • ADV-2010-2491
xf libpng-pngdecompresschunk-dos(56661)
statements via4
contributor Tomas Hoger
lastmodified 2010-07-14
organization Red Hat
statement This issue has been addressed in Red Hat Enterprise Linux 3, 4, and 5 via https://rhn.redhat.com/errata/RHSA-2010-0534.html.
Last major update 18-11-2010 - 01:34
Published 03-03-2010 - 14:30
Last modified 16-08-2017 - 21:31
Back to Top