|Bugzilla:||504782: CVE-2009-2042 libpng: Interlaced Images Information Disclosure Vulnerability|
The MITRE CVE dictionary describes this issue as:
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
This issue has been addressed in Red Hat Enterprise Linux 3, 4, and 5 via https://rhn.redhat.com/errata/RHSA-2010-0534.html.
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat security errata
|Red Hat Enterprise Linux version 3||RHSA-2010:0534||July 14, 2010|
|Red Hat Enterprise Linux version 4||RHSA-2010:0534||July 14, 2010|
|Red Hat Enterprise Linux version 5 (libpng)||RHSA-2010:0534||July 14, 2010|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.