CVE-2008-1382

Impact:
Low
Public Date:
2008-04-12
Bugzilla:
441839: CVE-2008-1382 libpng unknown chunk handling flaw

The MITRE CVE dictionary describes this issue as:

libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.

Find out more about CVE-2008-1382 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This issue does not affect the version of libpng as shipped with Red Hat Enterprise Linux 3.

Updates for affected versions of Red Hat Enterprise Linux can be found here:
http://rhn.redhat.com/errata/RHSA-2009-0333.html

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 RHSA-2009:0333 2009-03-04
Red Hat Enterprise Linux 2.1 (libpng) RHSA-2009:0333 2009-03-04
Red Hat Enterprise Linux 5 (libpng) RHSA-2009:0333 2009-03-04

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.