First published: Thu Mar 01 2012
A type conversion flaw leading to an out-of-bounds heap buffer read was found in the way libpng, a library of functions for manipulating PNG image format files, performed expansion of certain iCCP, iTXt, and zTXt PNG image file chunks. A remote attacker could provide a specially crafted Portable Network Graphics (PNG) image file which, once opened in an application linked against libpng, could lead to denial of service or, in some cases, execution of arbitrary code with the permissions of the user running the application.
Upstream patch: http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=a8c319a2b281af68f7ca0e2f9a28ca57b44ceb2b#patch3
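For triage of untrusted PNG files, the following added example (not code from libpng or from this advisory) walks a file's chunks, verifies each CRC, and expands the iCCP, iTXt and zTXt payloads under an explicit output cap, so the declared length and expanded size of each can be compared. It does not reproduce the flaw; the 1 MiB cap, the function names and the sample bytes are assumptions made for illustration.

```python
import struct
import zlib
PNG_SIG = b"\x89PNG\r\n\x1a\n"
WATCHED = {b"iCCP", b"iTXt", b"zTXt"}  # chunk types named in the advisory
MAX_OUT = 1 << 20                      # assumed cap on expanded size (1 MiB)

def compressed_part(ctype, data):        # zlib stream, or None if stored uncompressed
    _keyword, sep, rest = data.partition(b"\x00")
    if not sep or not rest:
        raise ValueError("missing keyword terminator or compression byte")
    if ctype != b"iTXt":
        return rest[1:]                  # iCCP/zTXt: skip the compression-method byte
    fields = rest[2:].split(b"\x00", 2)  # language tag, translated keyword, text
    if len(fields) != 3:
        raise ValueError("truncated iTXt header")
    return fields[2] if rest[0] == 1 else None

def bounded_inflate(stream, limit=MAX_OUT):
    d = zlib.decompressobj()
    out = d.decompress(stream, limit)    # never produces more than `limit` bytes
    if not d.eof:
        raise ValueError("stream truncated or expands past limit")
    return out

def scan_png(blob, limit=MAX_OUT):
    """Yield (type, declared_length, expanded_size | None | 'rejected: ...') per watched chunk."""
    if blob[:8] != PNG_SIG:
        raise ValueError("not a PNG")
    pos = 8
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        data, crc = blob[pos + 8:pos + 8 + length], blob[pos + 8 + length:pos + 12 + length]
        if len(crc) != 4 or zlib.crc32(ctype + data) != struct.unpack(">I", crc)[0]:
            raise ValueError("chunk %r is truncated or fails its CRC" % ctype)
        if ctype in WATCHED:
            try:
                stream = compressed_part(ctype, data)
                result = None if stream is None else len(bounded_inflate(stream, limit))
            except (ValueError, zlib.error) as exc:
                result = "rejected: %s" % exc
            yield ctype.decode(), length, result
        pos += 12 + length

def chunk(ctype, data):                  # builds the constructed sample below
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", zlib.crc32(ctype + data))
# Constructed sample (not a real image): IHDR, a zTXt, an uncompressed iTXt, IEND.
SAMPLE = (PNG_SIG + chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
          + chunk(b"zTXt", b"Comment\x00\x00" + zlib.compress(b"A" * 5000))
          + chunk(b"iTXt", b"Title\x00\x00\x00en\x00\x00plain text") + chunk(b"IEND", b""))
```

`list(scan_png(SAMPLE))` reports the zTXt chunk expanding to 5000 bytes and the iTXt chunk as uncompressed; lowering `limit` makes the same zTXt chunk come back as rejected rather than expanded.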
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Google Chrome | <17.0.963.83 | |
Fedoraproject Fedora | =17 | |
Fedoraproject Fedora | =16 | |
Redhat Enterprise Linux Server Aus | =6.2 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux Workstation | =5.0 | |
Debian Debian Linux | =6.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Server Eus | =6.2 | |
Fedoraproject Fedora | =15 | |
Redhat Enterprise Linux | =5.0 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Desktop | =5.0 | |
openSUSE openSUSE | =12.1 | |
Redhat Storage | =2.0 | |
Redhat Storage For Public Cloud | =2.0 | |
Redhat Gluster Storage | =2.0 | |
Libpng Libpng | <1.5.10 | |