CVE-2010-2249

Related Files

Gentoo Linux Security Advisory 201010-1

Posted Oct 5, 2010

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201010-1 - Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. Versions less than 1.4.3 are affected.

tags | advisory, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2010-0205, CVE-2010-1205, CVE-2010-2249

SHA-256 | 053ed2283e7bc0cc350641770fd5cf189d7743c4b37cb99243aa7582fe434950

Download | Favorite | View

VMware Security Advisory 2010-0014

Posted Sep 25, 2010

Authored by VMware | Site vmware.com

VMware Security Advisory - VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.

tags | advisory

systems | windows

advisories | CVE-2010-3277, CVE-2010-1205, CVE-2010-0205, CVE-2010-2249, CVE-2010-0434, CVE-2010-0425

SHA-256 | c598de56110b9b1285f2b8e0d5afbeeb93abb4d32d2d9e62b9bdc9c16b71278b

Download | Favorite | View

Debian Linux Security Advisory 2072-1

Posted Jul 20, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2072-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.

tags | advisory, vulnerability

systems | linux, debian

advisories | CVE-2010-1205, CVE-2010-2249

SHA-256 | d17b0e986dbcc1fbbef738ae5e58903f49fceb0dc5c82dae6a6e23be776a6ddd

Download | Favorite | View

Mandriva Linux Security Advisory 2010-133

Posted Jul 16, 2010

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-133 - Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

tags | advisory, remote, denial of service, overflow, arbitrary, memory leak

systems | linux, mandriva

advisories | CVE-2008-6218, CVE-2010-1205, CVE-2010-2249

SHA-256 | 9dbcdb392f0269d231a9304f120b56317d9400add78640b2d61a8c8ee985f7fc

Download | Favorite | View

Ubuntu Security Notice 960-1

Posted Jul 8, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 960-1 - It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2010-1205, CVE-2010-2249

SHA-256 | 695c3fa01d385df30a9d7097d45ec9e589131d59ecd0ec3ed268993f351e471d

Download | Favorite | View