Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
History
21 Nov 2024, 01:13
Type | Values Removed | Values Added |
---|---|---|
References | () http://blackberry.com/btsc/KB27244 - Broken Link | |
References | () http://code.google.com/p/chromium/issues/detail?id=45983 - Exploit, Issue Tracking, Mailing List, Third Party Advisory | |
References | () http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html - Release Notes, Third Party Advisory | |
References | () http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18 - | |
References | () http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html - Mailing List, Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html - Mailing List, Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html - Mailing List, Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html - Mailing List, Third Party Advisory | |
References | () http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html - Mailing List, Third Party Advisory | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html - Mailing List, Third Party Advisory | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html - Mailing List, Third Party Advisory | |
References | () http://lists.vmware.com/pipermail/security-announce/2010/000105.html - Mailing List, Patch, Third Party Advisory | |
References | () http://secunia.com/advisories/40302 - Broken Link | |
References | () http://secunia.com/advisories/40336 - Broken Link | |
References | () http://secunia.com/advisories/40472 - Broken Link | |
References | () http://secunia.com/advisories/40547 - Broken Link | |
References | () http://secunia.com/advisories/41574 - Broken Link | |
References | () http://secunia.com/advisories/42314 - Broken Link | |
References | () http://secunia.com/advisories/42317 - Broken Link | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061 - Mailing List, Patch, Third Party Advisory | |
References | () http://support.apple.com/kb/HT4312 - Third Party Advisory | |
References | () http://support.apple.com/kb/HT4435 - Broken Link | |
References | () http://support.apple.com/kb/HT4456 - Third Party Advisory | |
References | () http://support.apple.com/kb/HT4457 - Third Party Advisory | |
References | () http://support.apple.com/kb/HT4554 - Third Party Advisory | |
References | () http://support.apple.com/kb/HT4566 - Broken Link | |
References | () http://trac.webkit.org/changeset/61816 - Patch, Third Party Advisory | |
References | () http://www.debian.org/security/2010/dsa-2072 - Third Party Advisory | |
References | () http://www.libpng.org/pub/png/libpng.html - Product, Vendor Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2010:133 - Broken Link | |
References | () http://www.mozilla.org/security/announce/2010/mfsa2010-41.html - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/41174 - Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/USN-960-1 - Third Party Advisory | |
References | () http://www.vmware.com/security/advisories/VMSA-2010-0014.html - Patch, Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2010/1612 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/1637 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/1755 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/1837 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/1846 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/1877 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/2491 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/3045 - Broken Link | |
References | () http://www.vupen.com/english/advisories/2010/3046 - Broken Link | |
References | () https://bugs.webkit.org/show_bug.cgi?id=40798 - Permissions Required, Third Party Advisory | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=570451 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=608238 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/59815 - Third Party Advisory, VDB Entry | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851 - Third Party Advisory |
07 Nov 2023, 02:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2010-06-30 18:30
Updated : 2024-11-21 01:13
NVD link : CVE-2010-1205
Mitre link : CVE-2010-1205
CVE.ORG link : CVE-2010-1205
JSON object : View
Products Affected
apple
- mac_os_x
- itunes
- iphone_os
- safari
- mac_os_x_server
libpng
- libpng
opensuse
- opensuse
mozilla
- firefox
- thunderbird
- seamonkey
- chrome
suse
- linux_enterprise_server
canonical
- ubuntu_linux
vmware
- workstation
- player
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')