You are here

CVE-2010-1205

Vincent (CVE) Danen's picture
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Details Source

Mitre

Public Date

2010-06-25 00:00:00

Impact

Important

Bugzilla

CVE-2010-1205 libpng: out-of-bounds memory write

Bugzilla ID

608 238

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 RHSA-2010:0534 2010-07-14
Red Hat Enterprise Linux 3 (seamonkey) RHSA-2010:0546 2010-07-21
Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) (thunderbird) RHSA-2010:0545 2010-07-21
Red Hat Enterprise Linux 5 (libpng) RHSA-2010:0534 2010-07-14
Red Hat Enterprise Linux 4 RHSA-2010:0534 2010-07-14
Red Hat Enterprise Linux 5 (thunderbird) RHSA-2010:0545 2010-07-21
Red Hat Enterprise Linux 5 (firefox) RHSA-2010:0547 2010-07-21
Red Hat Enterprise Linux 4 (seamonkey) RHSA-2010:0546 2010-07-21
Red Hat Enterprise Linux 4 (firefox) RHSA-2010:0547 2010-07-21

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 libpng Not affected