Vulnerabilities > CVE-2002-1363 - Unspecified vulnerability in Greg Roelofs Libpng

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

Nessus

  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-212.NASL
    descriptionDoxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities : Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to
    last seen2020-06-01
    modified2020-06-02
    plugin id24597
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24597
    titleMandrake Linux Security Advisory : doxygen (MDKSA-2006:212)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:212. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24597);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:48");
    
      script_cve_id("CVE-2002-1363", "CVE-2004-0421", "CVE-2004-0597", "CVE-2004-0598", "CVE-2004-0599", "CVE-2006-3334", "CVE-2006-5793");
      script_bugtraq_id(10244, 18698);
      script_xref(name:"MDKSA", value:"2006:212");
    
      script_name(english:"Mandrake Linux Security Advisory : doxygen (MDKSA-2006:212)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Mandrake Linux host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Doxygen is a documentation system for C, C++ and IDL. It is built with
    a private copy of libpng, and as such could be susceptible to some of
    the same vulnerabilities :
    
    Buffer overflow in the png_decompress_chunk function in pngrutil.c in
    libpng before 1.2.12 allows context-dependent attackers to cause a
    denial of service and possibly execute arbitrary code via unspecified
    vectors related to 'chunk error processing,' possibly involving the
    'chunk_name'. (CVE-2006-3334)
    
    It is questionable whether this issue is actually exploitable, but the
    patch to correct the issue has been included in versions < 1.2.12.
    
    Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered
    a typo in png_set_sPLT() that may cause an application using libpng to
    read out of bounds, resulting in a crash. (CVE-2006-5793)
    
    In addition, an patch to address several old vulnerabilities has been
    applied to this build. (CVE-2002-1363, CVE-2004-0421, CVE-2004-0597,
    CVE-2004-0598, CVE-2004-0599)
    
    Packages have been patched to correct these issues."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected doxygen package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:doxygen");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/11/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2006.0", reference:"doxygen-1.4.4-1.1.20060mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK2007.0", reference:"doxygen-1.4.7-1.1mdv2007.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200407-06.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200407-06 (libpng: Buffer overflow on row buffers) Due to a wrong calculation of loop offset values, libpng contains a buffer overflow vulnerability on the row buffers. This vulnerability was initially patched in January 2003 but since it has been discovered that libpng contains the same vulnerability in two other places. Impact : An attacker could exploit this vulnerability to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user. Workaround : There is no known workaround at this time. All users are encouraged to upgrade to the latest available version.
    last seen2020-06-01
    modified2020-06-02
    plugin id14539
    published2004-08-30
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14539
    titleGLSA-200407-06 : libpng: Buffer overflow on row buffers
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200407-06.
    #
    # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14539);
      script_version("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:41");
    
      script_cve_id("CVE-2002-1363");
      script_xref(name:"GLSA", value:"200407-06");
    
      script_name(english:"GLSA-200407-06 : libpng: Buffer overflow on row buffers");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200407-06
    (libpng: Buffer overflow on row buffers)
    
        Due to a wrong calculation of loop offset values, libpng contains a buffer
        overflow vulnerability on the row buffers. This vulnerability was initially
        patched in January 2003 but since it has been discovered that libpng
        contains the same vulnerability in two other places.
      
    Impact :
    
        An attacker could exploit this vulnerability to cause programs linked
        against the library to crash or execute arbitrary code with the permissions
        of the user running the vulnerable program, which could be the root user.
      
    Workaround :
    
        There is no known workaround at this time. All users are encouraged to
        upgrade to the latest available version."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200407-06"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All libpng users should upgrade to the latest stable version:
        # emerge sync
        # emerge -pv '>=media-libs/libpng-1.2.5-r7'
        # emerge '>=media-libs/libpng-1.2.5-r7'
        You should also run revdep-rebuild to rebuild any packages that depend on
        older versions of libpng :
        # revdep-rebuild"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libpng");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/07/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/30");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"media-libs/libpng", unaffected:make_list("ge 1.2.5-r7"), vulnerable:make_list("le 1.2.5-r6"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-402.NASL
    descriptionUpdated libpng packages that fix several issues are now available. The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. During a source code audit, Chris Evans discovered several buffer overflows in libpng. An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to execute arbitrary code when the file was opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0597 to these issues. In addition, this audit discovered a potential NULL pointer dereference in libpng (CVE-2004-0598) and several integer overflow issues (CVE-2004-0599). An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to crash when the file was opened by the victim. Red Hat would like to thank Chris Evans for discovering these issues. For users of Red Hat Enterprise Linux 2.1 these patches also include a more complete fix for the out of bounds memory access flaw (CVE-2002-1363). All users are advised to update to the updated libpng packages which contain backported security patches and are not vulnerable to these issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id14213
    published2004-08-05
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/14213
    titleRHEL 2.1 / 3 : libpng (RHSA-2004:402)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2004:402. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14213);
      script_version ("1.30");
      script_cvs_date("Date: 2019/10/25 13:36:10");
    
      script_cve_id("CVE-2002-1363", "CVE-2004-0597", "CVE-2004-0598", "CVE-2004-0599");
      script_xref(name:"RHSA", value:"2004:402");
    
      script_name(english:"RHEL 2.1 / 3 : libpng (RHSA-2004:402)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated libpng packages that fix several issues are now available.
    
    The libpng package contains a library of functions for creating and
    manipulating PNG (Portable Network Graphics) image format files.
    
    During a source code audit, Chris Evans discovered several buffer
    overflows in libpng. An attacker could create a carefully crafted PNG
    file in such a way that it would cause an application linked with
    libpng to execute arbitrary code when the file was opened by a victim.
    The Common Vulnerabilities and Exposures project (cve.mitre.org) has
    assigned the name CVE-2004-0597 to these issues.
    
    In addition, this audit discovered a potential NULL pointer
    dereference in libpng (CVE-2004-0598) and several integer overflow
    issues (CVE-2004-0599). An attacker could create a carefully crafted
    PNG file in such a way that it would cause an application linked with
    libpng to crash when the file was opened by the victim.
    
    Red Hat would like to thank Chris Evans for discovering these issues.
    
    For users of Red Hat Enterprise Linux 2.1 these patches also include a
    more complete fix for the out of bounds memory access flaw
    (CVE-2002-1363).
    
    All users are advised to update to the updated libpng packages which
    contain backported security patches and are not vulnerable to these
    issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2002-1363"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0597"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0598"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2004-0599"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2004:402"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpng");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpng-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpng10");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libpng10-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2002/12/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2004/08/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/08/05");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(2\.1|3)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2004:402";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"libpng-1.0.14-7")) flag++;
      if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"libpng-devel-1.0.14-7")) flag++;
    
      if (rpm_check(release:"RHEL3", reference:"libpng-1.2.2-25")) flag++;
      if (rpm_check(release:"RHEL3", reference:"libpng-devel-1.2.2-25")) flag++;
      if (rpm_check(release:"RHEL3", reference:"libpng10-1.0.13-15")) flag++;
      if (rpm_check(release:"RHEL3", reference:"libpng10-devel-1.0.13-15")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libpng / libpng-devel / libpng10 / libpng10-devel");
      }
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2006-213.NASL
    descriptionChromium is an OpenGL-based shoot them up game with fine graphics. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities : Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to
    last seen2020-06-01
    modified2020-06-02
    plugin id24598
    published2007-02-18
    reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/24598
    titleMandrake Linux Security Advisory : chromium (MDKSA-2006:213)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2006:213. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(24598);
      script_version ("1.20");
      script_cvs_date("Date: 2019/08/02 13:32:48");
    
      script_cve_id(
        "CVE-2002-1363",
        "CVE-2004-0421",
        "CVE-2004-0597",
        "CVE-2004-0598",
        "CVE-2004-0599",
        "CVE-2006-3334"
      );
      script_bugtraq_id(
        10244,
        18698,
        21078
      );
      script_xref(name:"MDKSA", value:"2006:213");
    
      script_name(english:"Mandrake Linux Security Advisory : chromium (MDKSA-2006:213)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Chromium is an OpenGL-based shoot them up game with fine graphics. It
    is built with a private copy of libpng, and as such could be
    susceptible to some of the same vulnerabilities :
    
    Buffer overflow in the png_decompress_chunk function in pngrutil.c in
    libpng before 1.2.12 allows context-dependent attackers to cause a
    denial of service and possibly execute arbitrary code via unspecified
    vectors related to 'chunk error processing,' possibly involving the
    'chunk_name'. (CVE-2006-3334)
    
    It is questionable whether this issue is actually exploitable, but the
    patch to correct the issue has been included in versions < 1.2.12.
    
    In addition, an patch to address several old vulnerabilities has been
    applied to this build. (CVE-2002-1363, CVE-2004-0421, CVE-2004-0597,
    CVE-2004-0598, CVE-2004-0599)
    
    Packages have been patched to correct these issues."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected chromium and / or chromium-setup packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:chromium");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:chromium-setup");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2006/11/16");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/02/18");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK2007.0", reference:"chromium-0.9.12-25.1mdv2007.0", yank:"mdv")) flag++;
    if (rpm_check(release:"MDK2007.0", reference:"chromium-setup-0.9.12-25.1mdv2007.0", yank:"mdv")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2004-063.NASL
    descriptionA buffer overflow vulnerability was discovered in libpng due to a wrong calculation of some loop offset values. This buffer overflow can lead to Denial of Service or even remote compromise. This vulnerability was initially patched in January of 2003, but it has since been noted that fixes were required in two additional places that had not been corrected with the earlier patch. This update uses an updated patch to fix all known issues. After the upgrade, all applications that use libpng should be restarted. Many applications are linked to libpng, so if you are unsure of what applications to restart, you may wish to reboot the system. Mandrakesoft encourages all users to upgrade immediately.
    last seen2020-06-01
    modified2020-06-02
    plugin id14162
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14162
    titleMandrake Linux Security Advisory : libpng (MDKSA-2004:063)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2004:063. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(14162);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      script_cve_id("CVE-2002-1363");
      script_xref(name:"MDKSA", value:"2004:063");
    
      script_name(english:"Mandrake Linux Security Advisory : libpng (MDKSA-2004:063)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A buffer overflow vulnerability was discovered in libpng due to a
    wrong calculation of some loop offset values. This buffer overflow can
    lead to Denial of Service or even remote compromise.
    
    This vulnerability was initially patched in January of 2003, but it
    has since been noted that fixes were required in two additional places
    that had not been corrected with the earlier patch. This update uses
    an updated patch to fix all known issues.
    
    After the upgrade, all applications that use libpng should be
    restarted. Many applications are linked to libpng, so if you are
    unsure of what applications to restart, you may wish to reboot the
    system. Mandrakesoft encourages all users to upgrade immediately."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:008"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64png3-static-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3-static-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.2");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2004/06/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64png3-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64png3-devel-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"amd64", reference:"lib64png3-static-devel-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpng3-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpng3-devel-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.0", cpu:"i386", reference:"libpng3-static-devel-1.2.5-10.3.100mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libpng3-1.2.5-2.3.91mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libpng3-devel-1.2.5-2.3.91mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.1", cpu:"i386", reference:"libpng3-static-devel-1.2.5-2.3.91mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64png3-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64png3-devel-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"amd64", reference:"lib64png3-static-devel-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpng3-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpng3-devel-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.2", cpu:"i386", reference:"libpng3-static-devel-1.2.5-7.3.92mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2003-008.NASL
    descriptionA buffer overflow vulnerability was discovered in libpng due to a wrong calculation of some loop offset values. This buffer overflow can lead to Denial of Service or even remote compromise. After the upgrade, all applications that use libpng should be restarted. Many applications are linked to libpng, so if you are unsure of what applications to restart, you may wish to reboot the system. MandrakeSoft encourages all users to upgrade immediately.
    last seen2020-06-01
    modified2020-06-02
    plugin id13993
    published2004-07-31
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13993
    titleMandrake Linux Security Advisory : libpng (MDKSA-2003:008)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2003:008. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(13993);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:46");
    
      script_cve_id("CVE-2002-1363");
      script_xref(name:"MDKSA", value:"2003:008");
    
      script_name(english:"Mandrake Linux Security Advisory : libpng (MDKSA-2003:008)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "A buffer overflow vulnerability was discovered in libpng due to a
    wrong calculation of some loop offset values. This buffer overflow can
    lead to Denial of Service or even remote compromise.
    
    After the upgrade, all applications that use libpng should be
    restarted. Many applications are linked to libpng, so if you are
    unsure of what applications to restart, you may wish to reboot the
    system. MandrakeSoft encourages all users to upgrade immediately."
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libpng3-static-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.0");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.1");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:9.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2003/01/20");
      script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"libpng-1.0.8-2.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"libpng-devel-1.0.8-2.2mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"libpng2-1.0.9-1.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"libpng2-devel-1.0.9-1.2mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"libpng2-1.0.12-2.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.1", cpu:"i386", reference:"libpng2-devel-1.0.12-2.2mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libpng3-1.2.4-3.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libpng3-devel-1.2.4-3.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK8.2", cpu:"i386", reference:"libpng3-static-devel-1.2.4-3.2mdk", yank:"mdk")) flag++;
    
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libpng3-1.2.4-3.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libpng3-devel-1.2.4-3.2mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK9.0", cpu:"i386", reference:"libpng3-static-devel-1.2.4-3.2mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2003-007.NASL
    descriptionUpdated libpng packages are available which fix a buffer overflow vulnerability. [Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1 The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and the possibility of arbitrary code execution. This could be exploited by an attacker creating a carefully crafted PNG file which could execute arbitrary code when the victim views it. Packages within Red Hat Linux Advanced Server, such as Mozilla, make use of the shared libpng library. All users are advised to upgrade to the errata packages, which contain libpng 1.0.14 with a backported patch that corrects this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id12348
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12348
    titleRHEL 2.1 : libpng (RHSA-2003:007)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD20040809.NASL
    descriptionThe remote host is missing Security Update 2004-08-09. libpng is a library used for manipulating graphics files. Several buffer overflows have been discovered in libpng. A remote attacker could exploit these vulnerabilities by tricking a user into opening a maliciously crafted PNG file, resulting in the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id14242
    published2004-08-10
    reporterThis script is Copyright (C) 2004-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/14242
    titleMac OS X Multiple Vulnerabilities (Security Update 2004-08-09)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-213.NASL
    descriptionGlenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.
    last seen2020-06-01
    modified2020-06-02
    plugin id15050
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15050
    titleDebian DSA-213-1 : libpng - buffer overflow
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SA_2003_0004.NASL
    descriptionThe remote host is missing the patch for the advisory SUSE-SA:2003:0004 (libpng). The library libpng provides several functions to encode, decode and manipulate Portable Network Graphics (PNG) image files. Due to wrong calculation of some loop offset values a buffer overflow can occur. The buffer overflow can lead to Denial-of-Service or even to remote compromise. After updating libpng all applications that use libpng should be restarted. Due to the fact that a lot of applications are linked with libpng it may be necessary to switch to runlevel S and back to the previous runlevel or even to reboot the system. There is no temporary fix known. Please install the new packages from our FTP servers. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command
    last seen2020-06-01
    modified2020-06-02
    plugin id13770
    published2004-07-25
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/13770
    titleSUSE-SA:2003:0004: libpng
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2004-249.NASL
    descriptionUpdated libpng packages that fix a possible buffer overflow are now available. The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. During an audit of Red Hat Linux updates, the Fedora Legacy team found a security issue in libpng that had not been fixed in Red Hat Enterprise Linux 3. An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim. Note: this issue does not affect Red Hat Enterprise Linux 2.1 Users are advised to upgrade to these updated packages that contain a backported security fix and are not vulnerable to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id12507
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12507
    titleRHEL 3 : libpng (RHSA-2004:249)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-536.NASL
    descriptionChris Evans discovered several vulnerabilities in libpng : - CAN-2004-0597 Multiple buffer overflows exist, including when handling transparency chunk data, which could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed - CAN-2004-0598 Multiple NULL pointer dereferences in png_handle_iCPP() and elsewhere could be exploited to cause an application to crash when a specially crafted PNG image is processed - CAN-2004-0599 Multiple integer overflows in the png_handle_sPLT(), png_read_png() functions and elsewhere could be exploited to cause an application to crash, or potentially arbitrary code to be executed, when a specially crafted PNG image is processed In addition, a bug related to CAN-2002-1363 was fixed : - CAN-2004-0768 A buffer overflow could be caused by incorrect calculation of buffer offsets, possibly leading to the execution of arbitrary code
    last seen2020-06-01
    modified2020-06-02
    plugin id15373
    published2004-09-29
    reporterThis script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/15373
    titleDebian DSA-536-1 : libpng - several vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2003-119.NASL
    descriptionUpdated mICQ packages are available which fix a remote crash. mICQ is an online messaging and conferencing program. mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character. Users of mICQ are advised to upgrade to these erratum packages containing mICQ version 0.4.10.2 which is not vulnerable to this issue.
    last seen2020-06-01
    modified2020-06-02
    plugin id12384
    published2004-07-06
    reporterThis script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/12384
    titleRHEL 2.1 : micq (RHSA-2003:119)

Oval

accepted2004-10-06T12:00:00.000-04:00
classvulnerability
contributors
nameJay Beale
organizationBastille Linux
descriptionPortable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.
familyunix
idoval:org.mitre.oval:def:3657
statusaccepted
submitted2004-09-03T04:26:00.000-04:00
titlePortable Network Graphics Library Offset Calculation Vulnerability
version4

Redhat

advisories
  • rhsa
    idRHSA-2003:006
  • rhsa
    idRHSA-2003:007
  • rhsa
    idRHSA-2003:119
  • rhsa
    idRHSA-2003:157
  • rhsa
    idRHSA-2004:249
  • rhsa
    idRHSA-2004:402
rpms
  • libpng-2:1.2.2-24
  • libpng-debuginfo-2:1.2.2-24
  • libpng-devel-2:1.2.2-24
  • libpng10-0:1.0.13-14
  • libpng10-debuginfo-0:1.0.13-14
  • libpng10-devel-0:1.0.13-14
  • libpng-2:1.2.2-25
  • libpng-debuginfo-2:1.2.2-25
  • libpng-devel-2:1.2.2-25
  • libpng10-0:1.0.13-15
  • libpng10-debuginfo-0:1.0.13-15
  • libpng10-devel-0:1.0.13-15

References