Executive Summary
Summary | |
---|---|
Title | libpng malformed cHRM divide-by-zero vulnerability |
Informations | |||
---|---|---|---|
Name | VU#477046 | First vendor Publication | 2011-09-22 |
Vendor | VU-CERT | Last vendor Modification | 2011-09-23 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 2.6 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#477046libpng malformed cHRM divide-by-zero vulnerabilityOverviewlibpng crashes when processing malformed cHRM chunks.I. DescriptionWhen libpng encounters a cHRM chunk that is malformed it will perform a divide-by-zero causing libpng to crash. This bug was introduced in libpng version 1.5.4 and has been fixed in libpng version 1.5.5.II. ImpactBy tricking a user into opening a specifically crafted PNG file within an application that uses libpng, an attacker may be able to cause a denial of service crash.The PNG Development Group has stated that: Such malformed PNG files are not necessarily malevolent (ones have been observed on the Internet that were created by accident) but they will cause a crash anyway. The PNG Development Group recommends upgrading to libpng-1.5.5. However, if you must continue to use libpng-1.5.4, you can apply the following patch to libpng-1.5.4:
Referenceshttp://libpng.sf.net/index.html ftp://ftp.simplesystems.org/pub/png/src https://sourceforge.net/tracker/index.php?func=detail&aid=3406145&group_id=5624&atid=105624 CreditThanks to Glenn Randers-Pehrson of the PNG Development Group for reporting this vulnerability. This document was written by Michael Orlando.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/477046 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
OpenVAS Exploits
Date | Description |
---|---|
2012-05-18 | Name : Mac OS X Multiple Vulnerabilities (2012-002) File : nvt/gb_macosx_su12-002.nasl |
2012-02-06 | Name : Mac OS X Multiple Vulnerabilities (2012-001) File : nvt/gb_macosx_su12-001.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
75676 | libpng libpng/pngrutil.c png_handle_cHRM() Function cHRM Chunk PNG File Handl... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-09-27 | Name : The remote device is affected by multiple vulnerabilities. File : appletv_5_1.nasl - Type : ACT_GATHER_INFO |
2012-05-10 | Name : The remote host is missing a Mac OS X update that fixes multiple security vul... File : macosx_SecUpd2012-002.nasl - Type : ACT_GATHER_INFO |
2012-02-02 | Name : The remote host is missing a Mac OS X update that fixes several security vuln... File : macosx_10_7_3.nasl - Type : ACT_GATHER_INFO |