var-201006-0260
Vulnerability from variot
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Background
libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 media-libs/libpng < 1.4.3 >= 1.4.3
Description
Multiple vulnerabilities were found in libpng:
-
The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)
-
A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)
-
A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)
Impact
An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.
Workaround
There is no known workaround at this time.
Resolution
All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"
References
[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-201010-01.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
.
For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.44-1
We recommend that you upgrade your libpng package.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6
Architecture independent packages:
http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be
arm architecture (ARM)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed
These files will probably be moved into the stable distribution on its next update. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425
- Summary
VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.
- Relevant releases
VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,
Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.
- Problem Description
a. VMware Workstation and Player installer security issue
The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.
The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.
VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.x any 7.1.2 build 301548 or later *
Workstation 6.5.x any not affected
Player 3.x any 3.1.2 build 301548 or later *
Player 2.5.x any not affected
AMS any any not affected
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
- Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.
b. Third party libpng updated to version 1.2.44
A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation 7.1.x any 7.1.2 build 301548 or later
Workstation 6.5.x any affected, patch pending
Player 3.1.x any 3.1.2 build 301548 or later
Player 2.5.x any affected, patch pending
AMS any any not affected
Server any any affected, no patch planned
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.
A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.
The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
Workstation any any not affected
Player any any not affected
AMS any Windows 2.7.2 build 301548 or later
AMS any Linux affected, patch pending *
Server any any not affected
Fusion any Mac OS/X not affected
ESXi any ESXi not affected
ESX any ESX not affected
-
Note CVE-2010-0425 is not applicable to AMS running on Linux
-
Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.
VMware Workstation 7.1.2
http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html
Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614
sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a
Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d
sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3
VMware Player 3.1.2
http://www.vmware.com/download/player/ Release notes:
http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html
VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba
sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70
VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8
sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749
VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1
sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c
VMware ACE Management Server 2.7.2
http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html
ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550
sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425
- Change log
2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware Security Advisories http://www.vmware.com/security/advisoiries
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)
iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-960-1 July 08, 2010 libpng vulnerabilities CVE-2010-1205, CVE-2010-2249 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.6
Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.3
Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.2
Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.2
Ubuntu 10.04 LTS: libpng12-0 1.2.42-1ubuntu2.1
After a standard system update you need to reboot your computer to make all the necessary changes.
Details follow:
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2010-1205)
It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-2249)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz
Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc
Size/MD5: 661 92722fa973e92a99f982fe05b5826adf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb
Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb
Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb
Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb
Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb
Size/MD5: 66946 501acb21d567d62608904e4272ff842d
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb
Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb
Size/MD5: 66458 24e918a95770150b4df72530bd6de095
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb
Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb
Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5
Updated packages for Ubuntu 8.04 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz
Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc
Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb
Size/MD5: 940 7344fa4e61880636b014525f6e6482a1
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb
Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb
Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 188782 51354007cca0796218e3aaeba6142c41
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb
Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb
Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb
Size/MD5: 172962 b16b496d6553fbf28523147617011b95
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb
Size/MD5: 70020 61f5d75c4435333ef586677a07d49915
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb
Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb
Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb
Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb
Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda
Updated packages for Ubuntu 9.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz
Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc
Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb
Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb
Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb
Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb
Size/MD5: 71102 c18134055d747d066b60218b69e99d45
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb
Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb
Size/MD5: 71488 5179307ffe74c10515e61503e647606f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb
Size/MD5: 248872 a34333b123f4d12e7872868111942cbd
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb
Size/MD5: 71674 f742f2771d94ca29746906c1177d657d
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb
Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb
Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb
Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948
Updated packages for Ubuntu 9.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz
Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc
Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb
Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb
Size/MD5: 73938 15bb328beed6ab3287967c54e4177018
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb
Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb
Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb
Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8
lpia architecture (Low Power Intel Architecture):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb
Size/MD5: 71066 0495b247d489438259937bee1f17761f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb
Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb
Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb
Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb
Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb
Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb
Updated packages for Ubuntu 10.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2
Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc
Size/MD5: 1299 dae31f78418d5db8c3476d7562859658
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2
Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb
Size/MD5: 926 602d7036448637b45c1eacbc31e05640
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb
Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb
Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb
Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb
Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c
powerpc architecture (Apple Macintosh G3/G4/G5):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb
Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb
Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28
sparc architecture (Sun SPARC/UltraSPARC):
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb
Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 175214 142020dfd126d2335bc93bad6a714799
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb
Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047
. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249
Updated Packages:
Mandriva Linux 2008.0: 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm
Mandriva Linux 2009.0: 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm
Mandriva Linux 2009.1: 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm
Mandriva Linux 2010.0: 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm
Mandriva Linux 2010.1: 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64: 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm
Corporate 4.0: be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Corporate 4.0/X86_64: f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64: e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
iD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX KlOM1C8b0XVNVFF83vXPz9A= =E10C -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201006-0260", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "linux", "scope": "eq", "trust": 1.3, "vendor": "debian", "version": "5.0" }, { "model": "linux enterprise server", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "9" }, { "model": "linux enterprise server", "scope": "eq", "trust": 1.3, "vendor": "suse", "version": "11" }, { "model": "itunes", "scope": "eq", "trust": 1.1, "vendor": "apple", "version": "10" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "9.10" }, { "model": "itunes", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "10.2" }, { "model": "workstation", "scope": "gte", "trust": 1.0, "vendor": "vmware", "version": "7.1" }, { "model": "iphone os", "scope": "lte", "trust": 1.0, "vendor": "apple", "version": "4.1" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "8.04" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "6.06" }, { "model": "iphone os", "scope": "gte", "trust": 1.0, "vendor": "apple", "version": "2.0" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "12" }, { "model": "fedora", "scope": "eq", "trust": 1.0, "vendor": "fedoraproject", "version": "13" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "10.04" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "11.1" }, { "model": "player", "scope": "gte", "trust": 1.0, "vendor": "vmware", "version": "3.1" }, { "model": "workstation", "scope": "lt", "trust": 1.0, "vendor": "vmware", "version": "6.5.5" }, { "model": "player", "scope": "gte", "trust": 1.0, "vendor": "vmware", "version": "2.5" }, { "model": "opensuse", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "11.2" }, { "model": "player", "scope": "lt", "trust": 1.0, "vendor": "vmware", "version": "2.5.5" }, { "model": "player", "scope": "lt", "trust": 1.0, "vendor": "vmware", "version": "3.1.2" }, { "model": "workstation", "scope": "lt", "trust": 1.0, "vendor": "vmware", "version": "7.1.2" }, { "model": "tvos", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "4.1.0" }, { "model": "libpng", "scope": "lt", "trust": 1.0, "vendor": "libpng", "version": "1.2.44" }, { "model": "safari", "scope": "lt", "trust": 1.0, "vendor": "apple", "version": "5.0.4" }, { "model": "linux enterprise server", "scope": "eq", "trust": 1.0, "vendor": "suse", "version": "10" }, { "model": "libpng", "scope": "gte", "trust": 1.0, "vendor": "libpng", "version": "1.4.0" }, { "model": "libpng", "scope": "lt", "trust": 1.0, "vendor": "libpng", "version": "1.4.3" }, { "model": "ubuntu linux", "scope": "eq", "trust": 1.0, "vendor": "canonical", "version": "9.04" }, { "model": "workstation", "scope": "gte", "trust": 1.0, "vendor": "vmware", "version": "6.5.0" }, { "model": "libpng", "scope": "eq", "trust": 0.9, "vendor": "libpng", "version": "1.0.42" }, { "model": "libpng", "scope": "eq", "trust": 0.9, "vendor": "libpng", "version": "1.0.33" }, { "model": "libpng", "scope": "eq", "trust": 0.9, "vendor": "libpng", "version": "1.0.32" }, { "model": "libpng", "scope": "lt", "trust": 0.8, "vendor": "png group", "version": "1.2.44" }, { "model": "libpng", "scope": "lt", "trust": 0.8, "vendor": "png group", "version": "1.4.3" }, { "model": "player", "scope": "eq", "trust": 0.8, "vendor": "vmware", "version": "2.5.x" }, { "model": "player", "scope": "eq", "trust": 0.8, "vendor": "vmware", "version": "3.1.x" }, { "model": "server", "scope": null, "trust": 0.8, "vendor": "vmware", "version": null }, { "model": "workstation", "scope": "eq", "trust": 0.8, "vendor": "vmware", "version": "6.5.x" }, { "model": "workstation", "scope": "eq", "trust": 0.8, "vendor": "vmware", "version": "7.1.x" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6 to v10.6.4" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.5.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6 to v10.6.4" }, { "model": "tv", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "(2nd generation) 4.0 software" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "2.0 to 4.1 (iphone 3g after )" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "2.1 to 4.1 (ipod touch (2nd generation) after )" }, { "model": "ios", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "3.2 to 3.2.2 (ipad for )" }, { "model": "ipad", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "iphone", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "ipod touch", "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": "safari", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "5" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "10" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "11 express" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "8" }, { "model": "solaris", "scope": "eq", "trust": 0.8, "vendor": "oracle", "version": "9" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "3.0 (x86-64)" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0" }, { "model": "asianux server", "scope": "eq", "trust": 0.8, "vendor": "cybertrust", "version": "4.0 (x86-64)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4 (ws)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8 (as)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.8 (es)" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (server)" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "3.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "4.0" }, { "model": "enterprise linux desktop", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5.0 (client)" }, { "model": "rhel desktop workstation", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "5 (client)" }, { "model": "tv", "scope": "eq", "trust": 0.6, "vendor": "apple", "version": "2.1" }, { "model": "libpng", "scope": "eq", "trust": 0.6, "vendor": "libpng", "version": "1.0.40" }, { "model": "libpng", "scope": "eq", "trust": 0.6, "vendor": "libpng", "version": "1.0.41" }, { "model": "libpng", "scope": "eq", "trust": 0.6, "vendor": "libpng", "version": "1.0.29" }, { "model": "libpng", "scope": "eq", "trust": 0.6, "vendor": "libpng", "version": "1.0.30" }, { "model": "libpng", "scope": "eq", "trust": 0.6, "vendor": "libpng", "version": "1.0.3" }, { "model": "in motion blackberry enterprise server for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6" }, { "model": "linux hppa", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux enterprise sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.25" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.42" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.6" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "linux enterprise sdk sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "tv", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "intuity audix", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "in motion blackberry enterprise server for domino", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.1" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.16" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.18" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.4" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "messaging storage server sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.7" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "beta01", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.27" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.2" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.4" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5118166" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "cms server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "15.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.1" }, { "model": "player build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5118166" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.5" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.21" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "solaris express", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "11" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.5" }, { "model": "tv", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.3" }, { "model": "itunes", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "10.2" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.36" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.9" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.4.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.2" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.6" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "in motion blackberry enterprise server express for exchange mr1", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.1" }, { "model": "linux enterprise desktop", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.6" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "player build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "3.1.2301548" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.3" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.9156507" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.4" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.2.1" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.18" }, { "model": "in motion blackberry enterprise server for novell groupwise", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.3" }, { "model": "ir", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "message networking mn", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "tv", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "linux enterprise sdk sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.5" }, { "model": "coat systems proxyav", "scope": "ne", "trust": 0.3, "vendor": "blue", "version": "3.4.1.1" }, { "model": "linux lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.04" }, { "model": "beta01", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.4" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "beta19", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.4" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.2156735" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.15" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.5" }, { "model": "aura system platform sp1.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.2" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.6.7" }, { "model": "hat enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "3" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "firefox", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.5.11" }, { "model": "linux armel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "safari for windows", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "player build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.4246459" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.1" }, { "model": "ir", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.3" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2.1" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.2" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.7" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.2" }, { "model": "corporate server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.2" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "linux enterprise sdk", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.8" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.2" }, { "model": "intuity audix lx sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.13" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.10" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "messaging storage server", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.1" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "0" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "cms server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16.0" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.4" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.20" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.5" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.14" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "8.1" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.10203137" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.12" }, { "model": "intuity lx", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.8" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.27" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.1" }, { "model": "corporate server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "4.0" }, { "model": "linux enterprise sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.2" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.2" }, { "model": "in motion blackberry enterprise server for exchange mr2", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "enterprise linux desktop version", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.3" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.2" }, { "model": "solaris 10 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.1.2" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5" }, { "model": "player build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.3185404" }, { "model": "workstation build", "scope": "ne", "trust": 0.3, "vendor": "vmware", "version": "7.1.2301548" }, { "model": "linux alpha", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.4" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.10" }, { "model": "in motion blackberry enterprise server for novell groupwise", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "4.1.7" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.2" }, { "model": "in motion blackberry enterprise server for domino mr3", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.3" }, { "model": "in motion blackberry enterprise server express for domino", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "0.90" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "pardus", "version": "20090" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.1" }, { "model": "enterprise server x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.6.3" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.1" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.04" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.26" }, { "model": "linux x86 64 -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.1" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.2" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "linux ia-64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.8126538" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.24" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "thunderbird", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.0.6" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.0.1.8" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.43" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "9.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "enterprise server", "scope": "eq", "trust": 0.3, "vendor": "mandrakesoft", "version": "5" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0.2" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "ipod touch", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "s u s e", "version": "11.1" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.3" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "in motion blackberry enterprise server express for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "hat enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.6" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2010.0" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.6" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.9" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.2" }, { "model": "linux mandrake", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2009.0" }, { "model": "libpng", "scope": "ne", "trust": 0.3, "vendor": "libpng", "version": "1.2.44" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.2" }, { "model": "in motion blackberry enterprise server express for domino", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "linux enterprise server sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.5" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.3" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.2" }, { "model": "linux lts sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.9" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.2" }, { "model": "cms server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "safari beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.7108231" }, { "model": "linux lts lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "seamonkey", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "2.0.1" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.34" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.04" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "7.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.3" }, { "model": "linux enterprise desktop sp1", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.4.2" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.4" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "2.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.17" }, { "model": "in motion blackberry enterprise server for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "safari beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "0" }, { "model": "intuity audix r5", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "0" }, { "model": "in motion blackberry enterprise server for domino mr1", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "in motion blackberry enterprise server express for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "workstation", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.8" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.37" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.04" }, { "model": "solaris 9 sparc", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "9.2" }, { "model": "in motion blackberry enterprise server for domino", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.3" }, { "model": "linux mipsel", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "thunderbird", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "3.1.1" }, { "model": "player build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.2156735" }, { "model": "hat enterprise linux as", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "4" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.5" }, { "model": "opensuse", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11.3" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "enterprise linux optional productivity application server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.2" }, { "model": "safari", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "5.0.4" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.1" }, { "model": "linux x86 64", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "12.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.17" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "10.0" }, { "model": "coat systems proxyav", "scope": "eq", "trust": 0.3, "vendor": "blue", "version": "3.4.1.0" }, { "model": "intuity audix lx r1.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "6.06" }, { "model": "libpng", "scope": "ne", "trust": 0.3, "vendor": "libpng", "version": "1.4.3" }, { "model": "ios", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.580187" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.2203138" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.7" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.1" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.4" }, { "model": "in motion blackberry enterprise server for exchange mr1", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "intuity audix lx", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.1" }, { "model": "linux lts powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "8.04" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.1.2" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "11.0" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.4246459" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "3.1" }, { "model": "intuity audix lx sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "messaging storage server mm3.0", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "enterprise linux ws", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.52" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.43" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.0.1" }, { "model": "linux enterprise desktop sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "enterprise linux es", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.4" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.8" }, { "model": "ipad", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.8" }, { "model": "player", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.5.3" }, { "model": "messaging storage server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "in motion blackberry enterprise server for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "linux -current", "scope": null, "trust": 0.3, "vendor": "slackware", "version": null }, { "model": "iphone", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.1" }, { "model": "intuity lx", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.691891" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "server", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "1.0.4" }, { "model": "linux lpia", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.10" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5.8" }, { "model": "in motion blackberry enterprise server express for exchange", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.1" }, { "model": "linux", "scope": "eq", "trust": 0.3, "vendor": "slackware", "version": "13.0" }, { "model": "message networking", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "in motion blackberry enterprise server for domino", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "linux enterprise", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "mac os server", "scope": "ne", "trust": 0.3, "vendor": "apple", "version": "x10.6.5" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.11" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "desktop", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "3.0" }, { "model": "rc1", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.22" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "itunes", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "10.1" }, { "model": "enterprise linux desktop workstation client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "ios beta", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.2" }, { "model": "cms server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16.2" }, { "model": "workstation build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "6.5.3185404" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.5.7" }, { "model": "firefox", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.5" }, { "model": "server build", "scope": "eq", "trust": 0.3, "vendor": "vmware", "version": "2.0.1156745" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "in motion blackberry enterprise server express for domino mr1", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.2" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.16" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.53" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.13" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.1" }, { "model": "solaris 10 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.0.10" }, { "model": "in motion blackberry enterprise server for novell groupwise mr3", "scope": "eq", "trust": 0.3, "vendor": "research", "version": "5.0.1" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "5.0.3" }, { "model": "safari", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0.3" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura conferencing standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "9.04" }, { "model": "linux mandrake x86 64", "scope": "eq", "trust": 0.3, "vendor": "mandriva", "version": "2008.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.35" }, { "model": "solaris 9 x86", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "intuity audix lx", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "2.0" }, { "model": "tv", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4.0" }, { "model": "seamonkey", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "2.0.6" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "thunderbird", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "3.0.4" }, { "model": "ios", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "3.2.2" }, { "model": "safari for windows", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "4" }, { "model": "linux m68k", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "5.0" }, { "model": "libpng", "scope": "eq", "trust": 0.3, "vendor": "libpng", "version": "1.2.19" } ], "sources": [ { "db": "BID", "id": "41174" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "CNNVD", "id": "CNNVD-201006-491" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:libpng:libpng", "vulnerable": true }, { "cpe22Uri": "cpe:/a:vmware:player", "vulnerable": true }, { "cpe22Uri": "cpe:/a:vmware:server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:vmware:workstation", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:mac_os_x", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:mac_os_x_server", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:apple_tv", "vulnerable": true }, { "cpe22Uri": "cpe:/o:apple:iphone_os", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:ipad", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:iphone", "vulnerable": true }, { "cpe22Uri": "cpe:/h:apple:ipod_touch", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:itunes", "vulnerable": true }, { "cpe22Uri": "cpe:/a:apple:safari", "vulnerable": true }, { "cpe22Uri": "cpe:/o:oracle:solaris", "vulnerable": true }, { "cpe22Uri": "cpe:/o:misc:miraclelinux_asianux_server", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:enterprise_linux_desktop", "vulnerable": true }, { "cpe22Uri": "cpe:/o:redhat:rhel_desktop_workstation", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-001805" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Greg Roelofs", "sources": [ { "db": "CNNVD", "id": "CNNVD-201006-491" } ], "trust": 0.6 }, "cve": "CVE-2010-2249", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "CVE-2010-2249", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 1.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 5.0, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2010-2249", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-44854", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "nvd@nist.gov", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "exploitabilityScore": 2.8, "id": "CVE-2010-2249", "impactScore": 3.6, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2010-2249", "trust": 1.0, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2010-2249", "trust": 0.8, "value": "Medium" }, { "author": "CNNVD", "id": "CNNVD-201006-491", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-44854", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2010-2249", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-44854" }, { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "CNNVD", "id": "CNNVD-201006-491" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. The \u0027libpng\u0027 library is prone to multiple vulnerabilities. \nSuccessful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. \nThese issues affect versions prior to \u0027libpng\u0027 1.4.3 and 1.2.44. \n\nBackground\n==========\n\nlibpng is a standard library used to process PNG (Portable Network\nGraphics) images. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 media-libs/libpng \u003c 1.4.3 \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n [ 1 ] CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n [ 2 ] CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n [ 3 ] CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.44-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc\n Size/MD5 checksum: 1201 518a1f5c30a115dcb732e7499a2cef96\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13\n http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz\n Size/MD5 checksum: 21437 43e68a174233314cf49bb204abdd29b6\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb\n Size/MD5 checksum: 886 94643952b104a6f231ed7d710e2ae95d\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 182808 27b109278c41f9354d529ce0cfa2fe70\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb\n Size/MD5 checksum: 287316 b05d9032dca244cfbb1773e17eb8fbf3\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb\n Size/MD5 checksum: 86558 2082c8b1458c53860b8243c184909d99\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb\n Size/MD5 checksum: 71944 a3992e7b18a2897879863fbf70f3e44f\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 167620 b654901994d4666d2918869ef59aef38\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb\n Size/MD5 checksum: 254780 dfb0d24bf329b004ccea98b3a94186be\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb\n Size/MD5 checksum: 64570 f8b22165ed7daf5c40ecff5e03b7c724\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 159684 b64a7d362ef23b72d4af94bd48c89e33\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb\n Size/MD5 checksum: 245526 a55f8943e244796a2dbf4b244673d9ab\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb\n Size/MD5 checksum: 67034 4d6f0fbce281723de483067ae4226f18\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 162570 fb1927ecf7521ce2de4c3c2d3d9ba679\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb\n Size/MD5 checksum: 245964 38148590fd5c421c6e7649767ce23556\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 170090 1a9ad8514fb3dd6111090f321553452b\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb\n Size/MD5 checksum: 260414 b1ada2a28da472703f953547dc2947e2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb\n Size/MD5 checksum: 73894 eb6714f86f8085811a3dc1a1218a75a3\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 245468 8b6e9b5424a8991c05734f90b00182a2\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb\n Size/MD5 checksum: 166290 70c41d2feb2aff02be6154cea7cec1f4\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb\n Size/MD5 checksum: 70118 e7c845ff2e87dc1dc2849ecac4428aa4\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb\n Size/MD5 checksum: 111752 9b3c6f30c1d59df47d8f1736cffb5f74\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 207554 ca076c99f9d64729eab9a58632ab2b9e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb\n Size/MD5 checksum: 305536 0446686bb25783804121efced246e59d\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 164086 e615a6007aa89ccd38a1afc482c6c51e\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb\n Size/MD5 checksum: 68180 beec6961eba764cd9186f4ba1e116949\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb\n Size/MD5 checksum: 262216 937b2f2c26200b4a53f0bd8293b80af3\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb\n Size/MD5 checksum: 68464 c0e4a6cf4cbb2d6cda04ae5c0c572dd5\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 164312 48ec081a3f25a7863fe689a212d37b07\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb\n Size/MD5 checksum: 262482 560287e9b0c79a7d51ff4fd37e0a8da4\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 253154 caa93c1b0d9460d93d7b81241dcd25fb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb\n Size/MD5 checksum: 70748 59534d8fcb740fdfd681a173a85d72fe\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb\n Size/MD5 checksum: 166354 3d521ce5930a7707bb3afc61f7c48ccc\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb\n Size/MD5 checksum: 73500 bceb1dab986adc60adde49c6bb267e7d\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 253036 85ebb3e8ac1749f20e0c45f489f348a6\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb\n Size/MD5 checksum: 169330 aa9808b63b2301f8be657a3c2d6797d2\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 161688 5f12a2df5cea9e05bdad35a18e07f864\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb\n Size/MD5 checksum: 66084 bc6933daf2143bcc3f3b8c96e7bc29bb\n http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb\n Size/MD5 checksum: 247360 ad0ae85eb3806d0263b985139c3c54ed\n\n\n These files will probably be moved into the stable distribution on\n its next update. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0014\nSynopsis: VMware Workstation, Player, and ACE address several\n security issues. \nIssue date: 2010-09-23\nUpdated on: 2010-09-23 (initial release of advisory)\nCVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n VMware Workstation and Player address a potential installer security\n issue and security issues in libpng. VMware ACE Management Server\n (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n VMware Workstation 7.1.1 and earlier,\n VMware Player 3.1.1 and earlier,\n VMware ACE Management Server 2.7.1 and earlier,\n\n Note: VMware Server was declared End Of Availability on January 2010,\n support will be limited to Technical Guidance for the duration\n of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n The Workstation 7.x and Player 3.x installers will load an index.htm\n file located in the current working directory on which Workstation\n 7.x or Player 3.x is being installed. This may allow an attacker to\n display a malicious file if they manage to get their file onto the\n system prior to installation. \n\n The issue can only be exploited at the time that Workstation 7.x or\n Player 3.x is being installed. Installed versions of Workstation and\n Player are not affected. The security issue is no longer present in\n the installer of the new versions of Workstation 7.x and Player 3.x\n (see table below for the version numbers). \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2010-3277 to this issue. \n\n VMware would like to thank Alexander Trofimov and Marc Esher for\n independently reporting this issue to VMware. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.x any 7.1.2 build 301548 or later *\n Workstation 6.5.x any not affected\n\n Player 3.x any 3.1.2 build 301548 or later *\n Player 2.5.x any not affected\n\n AMS any any not affected\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note: This only affects the installer, if you have a version of\n Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n A buffer overflow condition in libpng is addressed that could\n potentially lead to code execution with the privileges of the\n application using libpng. Two potential denial of service issues\n are also addressed in the update. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation 7.1.x any 7.1.2 build 301548 or later\n Workstation 6.5.x any affected, patch pending\n\n Player 3.1.x any 3.1.2 build 301548 or later\n Player 2.5.x any affected, patch pending\n\n AMS any any not affected\n\n Server any any affected, no patch planned\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n version 2.2.15. \n\n A function in Apache HTTP Server when multithreaded MPM is used\n does not properly handle headers in subrequests in certain\n circumstances which may allow remote attackers to obtain sensitive\n information via a crafted request that triggers access to memory\n locations associated with an earlier request. \n\n The Apache mod_isapi module can be forced to unload a specific\n library before the processing of a request is complete, resulting\n in memory corruption. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n issues addressed in this update. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n Workstation any any not affected\n\n Player any any not affected\n\n AMS any Windows 2.7.2 build 301548 or later\n AMS any Linux affected, patch pending *\n\n Server any any not affected\n\n Fusion any Mac OS/X not affected\n\n ESXi any ESXi not affected\n\n ESX any ESX not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n Please review the patch/release notes for your product and version\n and verify the md5sum and/or the sha1sum of your downloaded file. \n\n VMware Workstation 7.1.2\n ------------------------\n http://www.vmware.com/download/ws/\n Release notes:\n http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n VMware Player 3.1.2\n -------------------\n http://www.vmware.com/download/player/\n Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n VMware Player for Windows 32-bit and 64-bit\t\n md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n VMware Player for Linux 32-bit\t\n md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n VMware Player for Linux 64-bit\t\n md5sum: 2ab08e0d4050719845a64d334ca15bb1\n sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n VMware ACE Management Server 2.7.2\n ----------------------------------\n http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n Release notes:\n http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n ACE Management Server for Windows\t\n md5sum: 02f0072b8e48a98ed914b633f070d550\n sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23 VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-960-1 July 08, 2010\nlibpng vulnerabilities\nCVE-2010-1205, CVE-2010-2249\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 9.04\nUbuntu 9.10\nUbuntu 10.04 LTS\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n libpng12-0 1.2.8rel-5ubuntu0.6\n\nUbuntu 8.04 LTS:\n libpng12-0 1.2.15~beta5-3ubuntu0.3\n\nUbuntu 9.04:\n libpng12-0 1.2.27-2ubuntu2.2\n\nUbuntu 9.10:\n libpng12-0 1.2.37-1ubuntu0.2\n\nUbuntu 10.04 LTS:\n libpng12-0 1.2.42-1ubuntu2.1\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into opening a crafted\nPNG file, an attacker could cause a denial of service or possibly execute\narbitrary code with the privileges of the user invoking the program. \n(CVE-2010-1205)\n\nIt was discovered that libpng did not properly handle certain malformed PNG\nimages. If a user or automated system were tricked into processing a\ncrafted PNG image, an attacker could possibly use this flaw to consume all\navailable resources, resulting in a denial of service. (CVE-2010-2249)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz\n Size/MD5: 24044 8979ca6b113137fe5ee051c1c70571eb\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc\n Size/MD5: 661 92722fa973e92a99f982fe05b5826adf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n Size/MD5: 510681 cac1512878fb98f2456df6dc50bc9bc7\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb\n Size/MD5: 842 dcbc7d24c8426e3b3024859ec157f57e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 114528 aea355e99e67b76c9464f8cc49b3560d\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb\n Size/MD5: 247576 f0e52e10a663f9b1b04d9371d4a2cf14\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb\n Size/MD5: 69504 6536e83152b2cf00d0d961b9b095c2d5\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 112048 b8f85cc6154602422a8841a5cad1a4a1\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb\n Size/MD5: 239628 fb6f6e62a9fa6114c50946c74cb2ed5d\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb\n Size/MD5: 66946 501acb21d567d62608904e4272ff842d\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 111648 19cccb12fb968f40f04068b9da24f589\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb\n Size/MD5: 245230 ebdbfc860056170b7a165479d7905bb3\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb\n Size/MD5: 66458 24e918a95770150b4df72530bd6de095\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 109156 510d17affd2c0cf3f5dce5379df57d49\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb\n Size/MD5: 240072 1ff11e0649a58bc7b809c86941aaafd7\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb\n Size/MD5: 63882 d7df02c540e66a536cbffca5d02645d5\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz\n Size/MD5: 22755 f5c0ba19b04eba8264ebb6b30c5617d6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc\n Size/MD5: 832 d08a82b28411baa0184d3b8231fd8b61\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n Size/MD5: 829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb\n Size/MD5: 940 7344fa4e61880636b014525f6e6482a1\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 190186 01f82b2b967c5212e834dd57c12c1a7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb\n Size/MD5: 179752 c26e243dd21f5dd10b478c0415215c1c\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb\n Size/MD5: 70534 5f7628d9b644ae953c515d18f7de9980\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 188782 51354007cca0796218e3aaeba6142c41\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb\n Size/MD5: 171216 b7a092ef2f5955b380adc015bfae6c81\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb\n Size/MD5: 69082 7612cd438ddfaab236de5f342f709b66\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 189664 4825baf36c5d14b5066d548aaf050866\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb\n Size/MD5: 172962 b16b496d6553fbf28523147617011b95\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb\n Size/MD5: 70020 61f5d75c4435333ef586677a07d49915\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 190300 8ac6e4c1efb73de848d5bc5457093e7a\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb\n Size/MD5: 179166 d92637edf805d7d673a4440b2605dc57\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb\n Size/MD5: 70604 adf25dd26d85725ab3c74c4a80a7a541\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 185622 ef3cf5486afe387d09bf05106893b371\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb\n Size/MD5: 173422 4b2f3476b423a3c5c31ee0738bfb4458\n http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb\n Size/MD5: 65928 ab5ac0b24d618dc432d1763a0e50ebda\n\nUpdated packages for Ubuntu 9.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz\n Size/MD5: 176459 b2f27af9534f3c5b9a120680cd41ce7c\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc\n Size/MD5: 1296 b66efe2157ab6f3dad6e57b4fe9dbf13\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n Size/MD5: 783204 13a0de401db1972a8e68f47d5bdadd13\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb\n Size/MD5: 932 1c66e49e2b875fa40c5556c19d076508\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb\n Size/MD5: 72852 a1bbcffd25c3ec87cbdf86be154962fc\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 168576 9f40f2846c21aa5835f53ab6895ec5cf\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb\n Size/MD5: 255784 d9060ad287e40ded1848b79284abbcc0\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb\n Size/MD5: 71102 c18134055d747d066b60218b69e99d45\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 166904 e8151a3f79f0fff6d98bbb0675621594\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb\n Size/MD5: 247922 ae8412d1c420f1dd63cb436382cad51f\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb\n Size/MD5: 71488 5179307ffe74c10515e61503e647606f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 167370 dd07d7a09484eb7711da5cd874099abe\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb\n Size/MD5: 248872 a34333b123f4d12e7872868111942cbd\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb\n Size/MD5: 71674 f742f2771d94ca29746906c1177d657d\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 167514 478378fde5c7fd14fbffa1be072aa21c\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb\n Size/MD5: 254642 ba3f255f4346a4483c5410d55acaac65\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb\n Size/MD5: 66670 ee067298bc51471f06bcf1a74b557310\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 162336 ab167dcdbbd930a3d976af0ad57cbac2\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb\n Size/MD5: 248428 8b96f4ff4f0ad8e366ed4475d3890948\n\nUpdated packages for Ubuntu 9.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz\n Size/MD5: 20129 f230ec37944a0150ffc83cfdddc7c906\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc\n Size/MD5: 1293 fce0b2fd543aeff27d47fb91f12af053\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n Size/MD5: 805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb\n Size/MD5: 932 cee669d58ac9660e1fe71cf9e2eeda9d\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb\n Size/MD5: 73938 15bb328beed6ab3287967c54e4177018\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 175088 f003cc7565826cfcc337ab409ffc6e8f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb\n Size/MD5: 265400 2d26dc0e9ddb6c2010776fbbcb82d791\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb\n Size/MD5: 70444 a80af68dda6ff1aa3168040d33600e64\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 171594 3fca9df961cc3616b75f6518ab870a68\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb\n Size/MD5: 255474 1ab05dffaa25e1d9190d0ea872b0fbd8\n\n lpia architecture (Low Power Intel Architecture):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb\n Size/MD5: 71066 0495b247d489438259937bee1f17761f\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 172296 730fd7a16f9496e37ffee99ea68d15a6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb\n Size/MD5: 257350 fff93fe6a558aef20e20b8b8f15227e7\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb\n Size/MD5: 72524 8e92aaedc8e6fabafed81cca60a833e9\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 173720 055336debc8a5b9ff92e6cae9998ac94\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb\n Size/MD5: 264674 dbd6ca8bcdcf241c0629b7b27e0e1e5d\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb\n Size/MD5: 67348 44b9c2989661e116d78b809a8657a5c8\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 168516 b98b4872db6f90caf0f43da67197dec0\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb\n Size/MD5: 257634 eb673ad114284bbd9be37e1c322e1bfb\n\nUpdated packages for Ubuntu 10.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2\n Size/MD5: 19511 ac49d7354c1ab87a91dbad607733629f\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc\n Size/MD5: 1299 dae31f78418d5db8c3476d7562859658\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2\n Size/MD5: 670811 9a5cbe9798927fdf528f3186a8840ebe\n\n Architecture independent packages:\n\n http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb\n Size/MD5: 926 602d7036448637b45c1eacbc31e05640\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb\n Size/MD5: 74124 82cc493f2b3d80b10ccf3f9fa2ec4ff6\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 180006 3b5339fe77bcdae97bb2a318496a192e\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb\n Size/MD5: 271858 ae0c6a1e973dad2b0a0685fd863c096d\n\n i386 architecture (x86 compatible Intel/AMD):\n\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb\n Size/MD5: 70692 b264bdd0086f3451e42df7f840ab894a\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 176510 03c3d70135e907f21b2342972d8a9b40\n http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb\n Size/MD5: 261728 955b40272944dd988ee39b62d8c6606c\n\n powerpc architecture (Apple Macintosh G3/G4/G5):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb\n Size/MD5: 73380 ad2cda1c89c55c473121da33a40294f6\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 179272 b6623c3dcdc841a762308f889c8b478e\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb\n Size/MD5: 271898 fcccfdb0eb4bc3a3470a83888f8bae28\n\n sparc architecture (Sun SPARC/UltraSPARC):\n\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb\n Size/MD5: 69258 ec2047ed5079933d6dbeb841a0207c59\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 175214 142020dfd126d2335bc93bad6a714799\n http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb\n Size/MD5: 265174 06843a4a028c5533e89d5562cbeb2047\n\n\n\n. Latest xulrunner and\n mozilla-thunderbird has been patched as a precaution for 2008.0 wheres\n on 2009.0 and up the the system libpng library is used instead of the\n bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is\n therefore also being provided with this advisory. \n \n Packages for 2008.0 and 2009.0 are provided as of the Extended\n Maintenance Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149\u0026products_id=490\n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6218\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 4e91a2a256c61f52dffd4fb625e20cf8 2008.0/i586/htmldoc-1.8.27-1.2mdv2008.0.i586.rpm\n 71553205b1e31d2891667d2eab7aca14 2008.0/i586/htmldoc-nogui-1.8.27-1.2mdv2008.0.i586.rpm\n 75b6d3f905d7e94154902f81e4728963 2008.0/i586/libpng3-1.2.22-0.5mdv2008.0.i586.rpm\n fa0c81f2b544f65455a0e0420d9a0e56 2008.0/i586/libpng-devel-1.2.22-0.5mdv2008.0.i586.rpm\n d4d06a12fd8ee88295877e127757c64b 2008.0/i586/libpng-source-1.2.22-0.5mdv2008.0.i586.rpm\n 6687d56f95702f0e5786c885ab79c6a9 2008.0/i586/libpng-static-devel-1.2.22-0.5mdv2008.0.i586.rpm\n 546c18ed8ccf044a45dff3a8cd5ac5b7 2008.0/i586/libxulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.i586.rpm\n b428e1202d95d588fb3248c2b2fe8b2f 2008.0/i586/libxulrunner-devel-1.9.2.6-0.2mdv2008.0.i586.rpm\n b9541da4417ea1150c493aea591509bb 2008.0/i586/mozilla-thunderbird-3.0.5-0.2mdv2008.0.i586.rpm\n 3389caeeda8b8f272d0e5ed070f075b8 2008.0/i586/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.i586.rpm\n 901abb46652fbc19c8e655895181a949 2008.0/i586/nsinstall-3.0.5-0.2mdv2008.0.i586.rpm\n ad221cd523bff8f4a59037aa05e1442b 2008.0/i586/xulrunner-1.9.2.6-0.2mdv2008.0.i586.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 8b2eff5dd89f4ed7e3f120bbc31afa34 2008.0/x86_64/htmldoc-1.8.27-1.2mdv2008.0.x86_64.rpm\n 15460a7bce68e95d03a87eb14066728b 2008.0/x86_64/htmldoc-nogui-1.8.27-1.2mdv2008.0.x86_64.rpm\n c7577072f7ab2786a97d7df732b4299a 2008.0/x86_64/lib64png3-1.2.22-0.5mdv2008.0.x86_64.rpm\n fae36a86aa019cf0fcbcf0d15c508208 2008.0/x86_64/lib64png-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n 141ec56a2395ed150acc997eac851429 2008.0/x86_64/lib64png-static-devel-1.2.22-0.5mdv2008.0.x86_64.rpm\n a29c11e39685931084a085f5716afd5c 2008.0/x86_64/lib64xulrunner1.9.2.6-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 3a846b86c758be68420ef05e44cfe717 2008.0/x86_64/lib64xulrunner-devel-1.9.2.6-0.2mdv2008.0.x86_64.rpm\n 084f3b3d7c68806c7acfc7f3be701f0b 2008.0/x86_64/libpng-source-1.2.22-0.5mdv2008.0.x86_64.rpm\n c45f7479d93714c46d14f4ae2a5b76bd 2008.0/x86_64/mozilla-thunderbird-3.0.5-0.2mdv2008.0.x86_64.rpm\n 996e7a6a98997883236b08f6ec5816fa 2008.0/x86_64/mozilla-thunderbird-enigmail-3.0.5-0.2mdv2008.0.x86_64.rpm\n ecfdba6225b837a7a03c2ddf0d77d07f 2008.0/x86_64/nsinstall-3.0.5-0.2mdv2008.0.x86_64.rpm\n 394d8e8458e503ed10db7c7b7f742c2b 2008.0/x86_64/xulrunner-1.9.2.6-0.2mdv2008.0.x86_64.rpm \n d3dbbb58c9832db4edbc45a4023b4477 2008.0/SRPMS/htmldoc-1.8.27-1.2mdv2008.0.src.rpm\n 885dba7fe0581b37de05d20b838f279a 2008.0/SRPMS/libpng-1.2.22-0.5mdv2008.0.src.rpm\n 358c49e17d4db735f6862fdbee95a1c9 2008.0/SRPMS/mozilla-thunderbird-3.0.5-0.2mdv2008.0.src.rpm\n 748ab46a19f1c32808bf3e79429f2211 2008.0/SRPMS/xulrunner-1.9.2.6-0.2mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 28b355727c0ef89be1955a18a8c4a1cf 2009.0/i586/libpng3-1.2.31-2.3mdv2009.0.i586.rpm\n bf33a24dc5144d0c2362e5c7432f9434 2009.0/i586/libpng-devel-1.2.31-2.3mdv2009.0.i586.rpm\n e331263b8ac75ddad94f6d9d06d9c802 2009.0/i586/libpng-source-1.2.31-2.3mdv2009.0.i586.rpm\n 921c4ed0268fcb932f52d299ea74a28c 2009.0/i586/libpng-static-devel-1.2.31-2.3mdv2009.0.i586.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n a20b2965684ddb18b2818d618927bb9a 2009.0/x86_64/lib64png3-1.2.31-2.3mdv2009.0.x86_64.rpm\n df3bbf6f7e959aea3f6065c83ece5321 2009.0/x86_64/lib64png-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 3c8e3469239f93a70ccbcf56ba55cfb6 2009.0/x86_64/lib64png-static-devel-1.2.31-2.3mdv2009.0.x86_64.rpm\n 740cd4b4cf0d39dd03a26f0b821cfee4 2009.0/x86_64/libpng-source-1.2.31-2.3mdv2009.0.x86_64.rpm \n c43df36b143f834aa7351eb6a9952897 2009.0/SRPMS/libpng-1.2.31-2.3mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n 127a1c180703d9c89f5f968d7262c469 2009.1/i586/libpng3-1.2.35-1.2mdv2009.1.i586.rpm\n 3bbf13f800dcbb5f4ab45ffe898f96ce 2009.1/i586/libpng-devel-1.2.35-1.2mdv2009.1.i586.rpm\n 2e369ee2602705f601d23a977c82ae8a 2009.1/i586/libpng-source-1.2.35-1.2mdv2009.1.i586.rpm\n 5784917823e881a4aa997276528bfabe 2009.1/i586/libpng-static-devel-1.2.35-1.2mdv2009.1.i586.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n d6032db330f8b8b40af48b29fc6d3730 2009.1/x86_64/lib64png3-1.2.35-1.2mdv2009.1.x86_64.rpm\n 4aac775bc389d382f184d912ef50b0be 2009.1/x86_64/lib64png-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n fb792b3d38cf769590a2dde6ee74c755 2009.1/x86_64/lib64png-static-devel-1.2.35-1.2mdv2009.1.x86_64.rpm\n 0dfcb358ed06fe83e9621e06189aa8f9 2009.1/x86_64/libpng-source-1.2.35-1.2mdv2009.1.x86_64.rpm \n 6267ae8a72870fdd2a44962d987a6216 2009.1/SRPMS/libpng-1.2.35-1.2mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 76ba7b51c3eda624850a8288bd182afa 2010.0/i586/libpng3-1.2.40-1.2mdv2010.0.i586.rpm\n 7a936f6a94f33f0e7ffc991ff7b4ed7f 2010.0/i586/libpng-devel-1.2.40-1.2mdv2010.0.i586.rpm\n abd9ee162933e3208918d3190c76c0af 2010.0/i586/libpng-source-1.2.40-1.2mdv2010.0.i586.rpm\n bae7010f8e07568c1a9b42e20e7ddebf 2010.0/i586/libpng-static-devel-1.2.40-1.2mdv2010.0.i586.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 499b5e2707d19becfdab415a8008b122 2010.0/x86_64/lib64png3-1.2.40-1.2mdv2010.0.x86_64.rpm\n 166ca4d21e39bbb3f250806626c59154 2010.0/x86_64/lib64png-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 1c4b4f2e79cf01a4388a2e395dd64cfa 2010.0/x86_64/lib64png-static-devel-1.2.40-1.2mdv2010.0.x86_64.rpm\n 88b678c1352aa3ed0fffb04241254128 2010.0/x86_64/libpng-source-1.2.40-1.2mdv2010.0.x86_64.rpm \n cc04ec15436b892a4e75f1ad18675fb6 2010.0/SRPMS/libpng-1.2.40-1.2mdv2010.0.src.rpm\n\n Mandriva Linux 2010.1:\n 349ec004acb579d4466b530bfd5fbf3d 2010.1/i586/libpng3-1.2.43-1.1mdv2010.1.i586.rpm\n d9e323791b16319728fe1486f819e59b 2010.1/i586/libpng-devel-1.2.43-1.1mdv2010.1.i586.rpm\n 3101d70a79c416392fe228d34b9ba6ff 2010.1/i586/libpng-source-1.2.43-1.1mdv2010.1.i586.rpm\n 2ff75d1339d52d859939d81994eae477 2010.1/i586/libpng-static-devel-1.2.43-1.1mdv2010.1.i586.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Mandriva Linux 2010.1/X86_64:\n 80e4392bbe0bd06b392216a6737cd37a 2010.1/x86_64/lib64png3-1.2.43-1.1mdv2010.1.x86_64.rpm\n 2d7d50b539c63cd1874ed8150d7fb84a 2010.1/x86_64/lib64png-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 5c3793d0bc69db028ec214a6c9f67c1e 2010.1/x86_64/lib64png-static-devel-1.2.43-1.1mdv2010.1.x86_64.rpm\n 06b83b6f5050410eff5fe8a590972c18 2010.1/x86_64/libpng-source-1.2.43-1.1mdv2010.1.x86_64.rpm \n 0638fc23b9c5f1f7b3bcd0fdaf71bea8 2010.1/SRPMS/libpng-1.2.43-1.1mdv2010.1.src.rpm\n\n Corporate 4.0:\n be322ac5f446c26c2d0983a2d37e0c6c corporate/4.0/i586/htmldoc-1.8.23-8.2.20060mlcs4.i586.rpm\n 71329303eddfd4af0994a708bbe4a119 corporate/4.0/i586/htmldoc-nogui-1.8.23-8.2.20060mlcs4.i586.rpm\n 1c1036be9452042cd356349d6251b697 corporate/4.0/i586/libpng3-1.2.8-1.8.20060mlcs4.i586.rpm\n e9ba6c0c604a08f555d99503ba7adb68 corporate/4.0/i586/libpng3-devel-1.2.8-1.8.20060mlcs4.i586.rpm\n 288d9ca48ea58918bdff316891f3c474 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.8.20060mlcs4.i586.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n f761706265fcbebd220b16542a742cc9 corporate/4.0/x86_64/htmldoc-1.8.23-8.2.20060mlcs4.x86_64.rpm\n 79b3189809ad9176401620a41aaa1fcd corporate/4.0/x86_64/htmldoc-nogui-1.8.23-8.2.20060mlcs4.x86_64.rpm\n e4f9ac99ff42fbc27aae3d8942903043 corporate/4.0/x86_64/lib64png3-1.2.8-1.8.20060mlcs4.x86_64.rpm\n e26042ead39ce63ed5f4700d2e61e260 corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm\n 609d6dc1b8a2b5afb029505469844c4f corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.8.20060mlcs4.x86_64.rpm \n 3aa4084dfc51cf4e8ba252f89d53b220 corporate/4.0/SRPMS/htmldoc-1.8.23-8.2.20060mlcs4.src.rpm\n b2449f493949c397ac345027783c1216 corporate/4.0/SRPMS/libpng-1.2.8-1.8.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 282337fa9e11a04ef82464c7574591f4 mes5/i586/libpng3-1.2.31-2.3mdvmes5.1.i586.rpm\n 92c6ec861cf7da08a498576ba412e633 mes5/i586/libpng-devel-1.2.31-2.3mdvmes5.1.i586.rpm\n c9efa6abde763edff47bf0c1071c9f1a mes5/i586/libpng-source-1.2.31-2.3mdvmes5.1.i586.rpm\n 2f5340946610590a6baec42354868888 mes5/i586/libpng-static-devel-1.2.31-2.3mdvmes5.1.i586.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n e5f88951d2135de8587d4be94b405ce9 mes5/x86_64/lib64png3-1.2.31-2.3mdvmes5.1.x86_64.rpm\n 6b89da9eea105e65d7ae3c875c148473 mes5/x86_64/lib64png-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n c1e6715410bbf2081187aef6749b0e3d mes5/x86_64/lib64png-static-devel-1.2.31-2.3mdvmes5.1.x86_64.rpm\n cb7ef533d9966c8b531cde8a661fc0af mes5/x86_64/libpng-source-1.2.31-2.3mdvmes5.1.x86_64.rpm \n 488ece2aa6a2c4dc62d4c274d64c2926 mes5/SRPMS/libpng-1.2.31-2.3mdvmes5.1.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFMP2A1mqjQ0CJFipgRAjw5AKDRGlB7JGhhCobOgDXKWuKOu8Q43gCeOclX\nKlOM1C8b0XVNVFF83vXPz9A=\n=E10C\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2010-2249" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "BID", "id": "41174" }, { "db": "VULHUB", "id": "VHN-44854" }, { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "PACKETSTORM", "id": "94522" }, { "db": "PACKETSTORM", "id": "91973" }, { "db": "PACKETSTORM", "id": "94244" }, { "db": "PACKETSTORM", "id": "91619" }, { "db": "PACKETSTORM", "id": "91878" } ], "trust": 2.52 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-2249", "trust": 3.4 }, { "db": "BID", "id": "41174", "trust": 2.9 }, { "db": "SECUNIA", "id": "40302", "trust": 2.6 }, { "db": "VUPEN", "id": "ADV-2010-1612", "trust": 2.5 }, { "db": "SECUNIA", "id": "40472", "trust": 1.8 }, { "db": "SECUNIA", "id": "41574", "trust": 1.8 }, { "db": "SECUNIA", "id": "42317", "trust": 1.8 }, { "db": "SECUNIA", "id": "40547", "trust": 1.8 }, { "db": "SECUNIA", "id": "42314", "trust": 1.8 }, { "db": "SECUNIA", "id": "40336", "trust": 1.8 }, { "db": "VUPEN", "id": "ADV-2010-2491", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-1837", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-1755", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-3046", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-1877", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-1637", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-3045", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2010-1846", "trust": 1.7 }, { "db": "SECTRACK", "id": "1024723", "trust": 1.7 }, { "db": "XF", "id": "59816", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2010-001805", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201006-491", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-44854", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1837", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/3046", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/3045", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1612", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/2491", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1637", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1846", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1877", "trust": 0.1 }, { "db": "VUPEN", "id": "2010/1755", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2010-2249", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "94522", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "91973", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "94244", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "91619", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "91878", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-44854" }, { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "BID", "id": "41174" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "PACKETSTORM", "id": "94522" }, { "db": "PACKETSTORM", "id": "91973" }, { "db": "PACKETSTORM", "id": "94244" }, { "db": "PACKETSTORM", "id": "91619" }, { "db": "PACKETSTORM", "id": "91878" }, { "db": "CNNVD", "id": "CNNVD-201006-491" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "id": "VAR-201006-0260", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-44854" } ], "trust": 0.01 }, "last_update_date": "2024-11-29T21:56:17.677000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "HT4456", "trust": 0.8, "url": "http://support.apple.com/kb/HT4456" }, { "title": "HT4457", "trust": 0.8, "url": "http://support.apple.com/kb/HT4457" }, { "title": "HT4554", "trust": 0.8, "url": "http://support.apple.com/kb/HT4554" }, { "title": "HT4566", "trust": 0.8, "url": "http://support.apple.com/kb/HT4566" }, { "title": "HT4435", "trust": 0.8, "url": "http://support.apple.com/kb/HT4435" }, { "title": "HT4456", "trust": 0.8, "url": "http://support.apple.com/kb/HT4456?viewlocale=ja_JP" }, { "title": "HT4457", "trust": 0.8, "url": "http://support.apple.com/kb/HT4457?viewlocale=ja_JP" }, { "title": "HT4554", "trust": 0.8, "url": "http://support.apple.com/kb/HT4554?viewlocale=ja_JP" }, { "title": "HT4566", "trust": 0.8, "url": "http://support.apple.com/kb/HT4566?viewlocale=ja_JP" }, { "title": "HT4435", "trust": 0.8, "url": "http://support.apple.com/kb/HT4435?viewlocale=ja_JP" }, { "title": "libpng-1.2.10-7.1.3.0.1.AXS3", "trust": 0.8, "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.libpng.org/pub/png/libpng.html" }, { "title": "libpng-1.2.44-README", "trust": 0.8, "url": "http://www.libpng.org/pub/png/src/libpng-1.2.44-README.txt" }, { "title": "2078", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078" }, { "title": "2079", "trust": 0.8, "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079" }, { "title": "RHSA-2010:0534", "trust": 0.8, "url": "https://rhn.redhat.com/errata/RHSA-2010-0534.html" }, { "title": "multiple_vulnerabilities_in_libpng", "trust": 0.8, "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng" }, { "title": "VMSA-2010-0014", "trust": 0.8, "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html" }, { "title": "libpng-1.4.1.tar.xz", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=216" }, { "title": "libpng-1.4.1.tar.gz", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=215" }, { "title": "linpng_txt.zip", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=219" }, { "title": "libpng-1.4.1.tar.bz2", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=214" }, { "title": "lpng141.zip", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=218" }, { "title": "lpng141.7z", "trust": 0.6, "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=217" }, { "title": "Debian CVElist Bug Report Logs: libpng: CVE-2010-1205 and CVE-2010-2249", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=184c5adf52ad398a58919ac7993ba9b9" }, { "title": "Ubuntu Security Notice: libpng vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-960-1" }, { "title": "Debian Security Advisories: DSA-2072-1 libpng -- several vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=3e96a347c5dea429ac96a3e5e90fb285" }, { "title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c" } ], "sources": [ { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "CNNVD", "id": "CNNVD-201006-491" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-401", "trust": 1.1 }, { "problemtype": "CWE-399", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-44854" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "http://www.securityfocus.com/bid/41174" }, { "trust": 2.6, "url": "http://secunia.com/advisories/40302" }, { "trust": 2.6, "url": "http://www.vupen.com/english/advisories/2010/1612" }, { "trust": 2.1, "url": "http://www.libpng.org/pub/png/libpng.html" }, { "trust": 1.8, "url": "http://www.securitytracker.com/id?1024723" }, { "trust": 1.8, "url": "http://secunia.com/advisories/40336" }, { "trust": 1.8, "url": "http://secunia.com/advisories/40472" }, { "trust": 1.8, "url": "http://secunia.com/advisories/40547" }, { "trust": 1.8, "url": "http://secunia.com/advisories/41574" }, { "trust": 1.8, "url": "http://secunia.com/advisories/42314" }, { "trust": 1.8, "url": "http://secunia.com/advisories/42317" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/1637" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/1755" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/1837" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/1846" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/1877" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/2491" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/3045" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2010/3046" }, { "trust": 1.8, "url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html" }, { "trust": 1.8, "url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00003.html" }, { "trust": 1.8, "url": "http://lists.apple.com/archives/security-announce/2011/mar/msg00000.html" }, { "trust": 1.8, "url": "http://lists.apple.com/archives/security-announce/2011//mar/msg00004.html" }, { "trust": 1.8, "url": "http://www.debian.org/security/2010/dsa-2072" }, { "trust": 1.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044283.html" }, { "trust": 1.8, "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-july/044397.html" }, { "trust": 1.8, "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:133" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html" }, { "trust": 1.8, "url": "http://www.ubuntu.com/usn/usn-960-1" }, { "trust": 1.8, "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html" }, { "trust": 1.8, "url": "http://support.apple.com/kb/ht4435" }, { "trust": 1.8, "url": "http://support.apple.com/kb/ht4456" }, { "trust": 1.8, "url": "http://support.apple.com/kb/ht4457" }, { "trust": 1.8, "url": "http://support.apple.com/kb/ht4554" }, { "trust": 1.8, "url": "http://support.apple.com/kb/ht4566" }, { "trust": 1.8, "url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html" }, { "trust": 1.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644" }, { "trust": 1.8, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816" }, { "trust": 1.7, "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3ba=commitdiff%3bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20" }, { "trust": 1.7, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061" }, { "trust": 1.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/59816" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu331391" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnvu935740" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2249" }, { "trust": 0.7, "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20" }, { "trust": 0.6, "url": "https://access.redhat.com/security/cve/cve-2010-2249" }, { "trust": 0.6, "url": "https://access.redhat.com/errata/rhsa-2010:0534" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249" }, { "trust": 0.3, "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng" }, { "trust": 0.3, "url": "https://kb.bluecoat.com/index?page=content\u0026id=sa65" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100092842" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100093925" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100108439" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100148396" }, { "trust": 0.3, "url": "http://www.mozilla.org/security/announce/2010/mfsa2010-41.html" }, { "trust": 0.3, "url": "http://btsc.webapps.blackberry.com/btsc/search.do?cmd=displaykc\u0026doctype=kc\u0026externalid=kb27244" }, { "trust": 0.3, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205" }, { "trust": 0.2, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205" }, { "trust": 0.1, "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026amp;y=2010\u0026amp;m=slackware-security.613061" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/401.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=587670" }, { "trust": 0.1, "url": "https://usn.ubuntu.com/960-1/" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22585" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." }, { "trust": 0.1, "url": "http://security.gentoo.org/" }, { "trust": 0.1, "url": "http://security.gentoo.org/glsa/glsa-201010-01.xml" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.diff.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_sparc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny4.dsc" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_i386.deb" }, { "trust": 0.1, "url": "http://www.debian.org/security/faq" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_armel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_hppa.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_hppa.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_arm.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mips.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_arm.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_sparc.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mipsel.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_i386.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny4_all.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_s390.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_alpha.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_mips.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_ia64.udeb" }, { "trust": 0.1, "url": "http://packages.debian.org/\u003cpkg\u003e" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_amd64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_ia64.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_mipsel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_s390.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_alpha.udeb" }, { "trust": 0.1, "url": "http://www.debian.org/security/" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_armel.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_powerpc.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_amd64.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny4_i386.udeb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_armel.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny4_powerpc.deb" }, { "trust": 0.1, "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny4_sparc.deb" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisoiries" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277" }, { "trust": 0.1, "url": "http://www.vmware.com/download/player/" }, { "trust": 0.1, "url": "http://www.vmware.com/security" }, { "trust": 0.1, "url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434" }, { "trust": 0.1, "url": "http://www.vmware.com/download/ws/" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425" }, { "trust": 0.1, "url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos.html" }, { "trust": 0.1, "url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos_vi.html" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_i386.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_i386.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_lpia.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_i386.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_lpia.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_lpia.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42.orig.tar.bz2" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_lpia.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_sparc.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_lpia.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_amd64.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_i386.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_lpia.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_lpia.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.2_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_amd64.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_powerpc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_amd64.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.3_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_amd64.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.3_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.debian.tar.bz2" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.6_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_sparc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.42-1ubuntu2.1.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.diff.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_sparc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_i386.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.2.diff.gz" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_i386.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_powerpc.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_sparc.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_amd64.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.42-1ubuntu2.1_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_amd64.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_i386.udeb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_sparc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_amd64.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.2_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.dsc" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.2_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.2_powerpc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.dsc" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.42-1ubuntu2.1_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_amd64.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.2.diff.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_powerpc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_powerpc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.2_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_amd64.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.2_powerpc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.42-1ubuntu2.1_i386.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.3.diff.gz" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.3_sparc.deb" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.3_lpia.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.6_powerpc.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.2_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_i386.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.6_sparc.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.42-1ubuntu2.1_amd64.udeb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.6_all.deb" }, { "trust": 0.1, "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.6.dsc" }, { "trust": 0.1, "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.2_lpia.udeb" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6218" }, { "trust": 0.1, "url": "http://www.mandriva.com/security/" }, { "trust": 0.1, "url": "http://store.mandriva.com/product_info.php?cpath=149\u0026products_id=490" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.mandriva.com/security/advisories" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2008-6218" } ], "sources": [ { "db": "VULHUB", "id": "VHN-44854" }, { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "BID", "id": "41174" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "PACKETSTORM", "id": "94522" }, { "db": "PACKETSTORM", "id": "91973" }, { "db": "PACKETSTORM", "id": "94244" }, { "db": "PACKETSTORM", "id": "91619" }, { "db": "PACKETSTORM", "id": "91878" }, { "db": "CNNVD", "id": "CNNVD-201006-491" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-44854" }, { "db": "VULMON", "id": "CVE-2010-2249" }, { "db": "BID", "id": "41174" }, { "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "db": "PACKETSTORM", "id": "94522" }, { "db": "PACKETSTORM", "id": "91973" }, { "db": "PACKETSTORM", "id": "94244" }, { "db": "PACKETSTORM", "id": "91619" }, { "db": "PACKETSTORM", "id": "91878" }, { "db": "CNNVD", "id": "CNNVD-201006-491" }, { "db": "NVD", "id": "CVE-2010-2249" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-06-30T00:00:00", "db": "VULHUB", "id": "VHN-44854" }, { "date": "2010-06-30T00:00:00", "db": "VULMON", "id": "CVE-2010-2249" }, { "date": "2010-06-25T00:00:00", "db": "BID", "id": "41174" }, { "date": "2010-08-10T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "date": "2010-10-05T22:16:57", "db": "PACKETSTORM", "id": "94522" }, { "date": "2010-07-20T00:53:34", "db": "PACKETSTORM", "id": "91973" }, { "date": "2010-09-25T18:50:30", "db": "PACKETSTORM", "id": "94244" }, { "date": "2010-07-08T21:03:46", "db": "PACKETSTORM", "id": "91619" }, { "date": "2010-07-16T04:34:46", "db": "PACKETSTORM", "id": "91878" }, { "date": "2010-06-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201006-491" }, { "date": "2010-06-30T18:30:01.847000", "db": "NVD", "id": "CVE-2010-2249" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2023-02-13T00:00:00", "db": "VULHUB", "id": "VHN-44854" }, { "date": "2020-08-14T00:00:00", "db": "VULMON", "id": "CVE-2010-2249" }, { "date": "2015-04-13T21:46:00", "db": "BID", "id": "41174" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-001805" }, { "date": "2023-04-26T00:00:00", "db": "CNNVD", "id": "CNNVD-201006-491" }, { "date": "2024-11-21T01:16:14.217000", "db": "NVD", "id": "CVE-2010-2249" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "91878" }, { "db": "CNNVD", "id": "CNNVD-201006-491" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "libpng include pngrutil.c Memory leak vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-001805" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201006-491" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.