what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

CVE-2009-2042

Status Candidate

Overview

libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.

Related Files

Gentoo Linux Security Advisory 201412-08
Posted Dec 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-8 - This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution.

tags | advisory, remote, local, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2006-3005, CVE-2007-2741, CVE-2008-0553, CVE-2008-1382, CVE-2008-5907, CVE-2008-6218, CVE-2008-6661, CVE-2009-0040, CVE-2009-0360, CVE-2009-0361, CVE-2009-0946, CVE-2009-2042, CVE-2009-2624, CVE-2009-3736, CVE-2009-4029, CVE-2009-4411, CVE-2009-4896, CVE-2010-0001, CVE-2010-0436, CVE-2010-0732, CVE-2010-0829, CVE-2010-1000, CVE-2010-1205, CVE-2010-1511, CVE-2010-2056, CVE-2010-2060, CVE-2010-2192, CVE-2010-2251
MD5 | 4988293251dc9709a0f0caf5c1076c9b
Debian Linux Security Advisory 2032-1
Posted Apr 13, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2032-1 - Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-2042, CVE-2010-0205
MD5 | 023f3944a535766fb868415337958e0f
VMware Security Advisory 2010-0007
Posted Apr 10, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware hosted products, vCenter Server and ESX patches resolve multiple security issues.

tags | advisory
advisories | CVE-2010-1142, CVE-2010-1140, CVE-2009-2042, CVE-2009-1564, CVE-2009-1565, CVE-2009-3732, CVE-2009-3707, CVE-2010-1138, CVE-2010-1139, CVE-2010-1141
MD5 | 4933c63d42b9e7fc0e912fa7e66267be
Mandriva Linux Security Advisory 2010-063
Posted Mar 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-063 - Multiple vulnerabilities has been found and corrected in libpng. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2042, CVE-2010-0205
MD5 | 41852bd7d8097f1b704b4f20a9ac7c4a
Ubuntu Security Notice 913-1
Posted Mar 17, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 913-1 - It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2009-2042, CVE-2010-0205
MD5 | e34dd3abb0e2d79fb917042a37af2af6
Gentoo Linux Security Advisory 200906-1
Posted Jun 29, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200906-01 - A vulnerability has been discovered in libpng that allows for information disclosure. Jeff Phillips discovered that libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file. Versions less than 1.2.37 are affected.

tags | advisory, info disclosure
systems | linux, gentoo
advisories | CVE-2009-2042
MD5 | 9ba5fcf8171c13cdafe8abb723bfcc6d
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close