FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-5269

This CVE name corresponds to:

Entered Topic
2007-10-11 png -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-5269
Phase Assigned(20071008)

Description

Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) zTXt (png_handle_zTXt) chunks in PNG images, which trigger out-of-bounds read operations.

References

Source Reference
BUGTRAQ 20071112 FLEA-2007-0065-1 libpng
BUGTRAQ 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
BUGTRAQ 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
BUGTRAQ 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
FULLDISC 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
MLIST [png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released
MLIST [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
MISC http://www.coresecurity.com/?action=item&id=2148
CONFIRM https://issues.rpath.com/browse/RPL-1814
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=327791
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=337461
CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=195261
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm
CONFIRM http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
CONFIRM http://docs.info.apple.com/article.html?artnum=307562
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0005.html
CONFIRM http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
CONFIRM http://www.vmware.com/support/player/doc/releasenotes_player.html
CONFIRM http://www.vmware.com/support/player2/doc/releasenotes_player2.html
CONFIRM http://www.vmware.com/support/server/doc/releasenotes_server.html
CONFIRM http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
CONFIRM http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
CONFIRM http://www.vmware.com/security/advisories/VMSA-2008-0014.html
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
APPLE APPLE-SA-2008-03-18
APPLE APPLE-SA-2008-05-28
DEBIAN DSA-1750
FEDORA FEDORA-2007-2521
FEDORA FEDORA-2007-2666
FEDORA FEDORA-2007-734
GENTOO GLSA-200711-08
GENTOO GLSA-200805-07
GENTOO GLSA-201209-25
MANDRIVA MDKSA-2007:217
REDHAT RHSA-2007:0992
SLACKWARE SSA:2007-325-01
SUNALERT 259989
SUNALERT 1020521
SUSE SUSE-SR:2007:025
UBUNTU USN-538-1
CERT TA08-150A
BID 25956
BID 28276
OVAL oval:org.mitre.oval:def:10614
SECUNIA 34388
SECUNIA 35302
SECUNIA 35386
VUPEN ADV-2007-3390
VUPEN ADV-2008-0924
VUPEN ADV-2008-0905
VUPEN ADV-2008-1697
VUPEN ADV-2008-2466
SECTRACK 1018849
SECUNIA 27093
SECUNIA 27284
SECUNIA 27405
SECUNIA 27369
SECUNIA 27391
SECUNIA 27492
SECUNIA 27529
SECUNIA 27662
SECUNIA 27629
SECUNIA 27746
SECUNIA 27965
SECUNIA 29420
SECUNIA 30161
SECUNIA 30430
SECUNIA 31712
SECUNIA 31713
VUPEN ADV-2009-1462
VUPEN ADV-2009-1560