FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

png -- libpng decompression denial of service

Affected packages
1.2.43 < png < 1.4.1

Details

VuXML ID 4fb5d2cd-4c77-11df-83fb-0015587e2cc1
Discovery 2010-02-27
Entry 2010-04-20

A vulnerability in libpng can result in denial of service conditions when a remote attacker tricks a victim into opening a specially crafted PNG file.

The PNG project describes the problem in an advisory:

Because of the efficient compression method used in Portable Network Graphics (PNG) files, a small PNG file can expand tremendously, acting as a "decompression bomb".

Malformed PNG chunks can consume a large amount of CPU and wall-clock time and large amounts of memory, up to all memory available on a system.
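As an added defender-side illustration (not code from libpng, the FreeBSD project, or this advisory), the following Python check bounds IDAT inflation by the raw image size the IHDR dimensions imply, so a small file that inflates far beyond its declared image is rejected before the inflated stream is ever materialised. The function names, the 64 MiB ceiling and the sample images are assumptions constructed here; the size bound follows the PNG specification (one filter byte per scanline, Adam7 passes when interlaced).

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
CHANNELS = {0: 1, 2: 3, 3: 1, 4: 2, 6: 4}  # samples per pixel by IHDR colour type
ADAM7 = ((0, 0, 8, 8), (4, 0, 8, 8), (0, 4, 4, 8), (2, 0, 4, 4), (0, 2, 2, 4), (1, 0, 2, 2), (0, 1, 1, 2))  # (x0, y0, dx, dy)

def iter_chunks(data):
    """Yield (type, payload) for each chunk after the signature; CRCs are not verified here."""
    if not data.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIGNATURE)
    while pos + 8 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        payload = data[pos + 8:pos + 8 + length]
        if len(payload) != length:
            raise ValueError("truncated chunk")
        yield ctype, payload
        pos += 12 + length  # length + type + payload + CRC

def expected_raw_size(ihdr):
    """Bytes the IDAT stream must inflate to: per scanline, one filter byte plus pixel data."""
    width, height, depth, ctype, _, _, interlace = struct.unpack(">IIBBBBB", ihdr[:13])
    bits_per_pixel = depth * CHANNELS[ctype]
    total = 0
    for xs, ys, xstep, ystep in (ADAM7 if interlace else ((0, 0, 1, 1),)):
        pw, ph = (width - xs + xstep - 1) // xstep, (height - ys + ystep - 1) // ystep
        if pw > 0 and ph > 0:
            total += ph * (1 + (pw * bits_per_pixel + 7) // 8)
    return total

def check_png(data, max_raw_bytes=64 * 1024 * 1024):
    """Inflate IDAT incrementally and fail as soon as output exceeds the IHDR-derived bound."""
    limit, produced, inflater = 0, 0, zlib.decompressobj()  # limit 0 until IHDR is seen
    for ctype, payload in iter_chunks(data):
        if ctype == b"IHDR":
            limit = min(expected_raw_size(payload), max_raw_bytes)
        elif ctype == b"IDAT":
            # Request at most one byte past the bound so an overshoot is visible cheaply.
            produced += len(inflater.decompress(payload, limit - produced + 1))
            if produced > limit:
                raise ValueError("IDAT inflates past %d bytes: decompression bomb" % limit)
    return produced

def make_png(width, height, colour_type, raw):
    """Constructed 8-bit, non-interlaced test image: signature + IHDR + IDAT + IEND."""
    chunks = [(b"IHDR", struct.pack(">IIBBBBB", width, height, 8, colour_type, 0, 0, 0)),
              (b"IDAT", zlib.compress(raw)), (b"IEND", b"")]
    return PNG_SIGNATURE + b"".join(struct.pack(">I", len(p)) + t + p + struct.pack(">I", zlib.crc32(t + p)) for t, p in chunks)
```

A real decoder would additionally verify chunk CRCs and reject an IHDR whose dimensions alone exceed the memory budget; the check above only covers the inflation step the advisory describes.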

References

Bugtraq ID 38478
CERT/CC Vulnerability Note 576029
CVE Name CVE-2010-0205
URL http://libpng.sourceforge.net/ADVISORY-1.4.1.html
URL http://secunia.com/advisories/38774
URL http://xforce.iss.net/xforce/xfdb/56661