CVE-2007-5269
This CVE name corresponds to:
The following information is adapted from the
Common Vulnerabilities and
Exposures (CVE) project. CVE and the CVE logo are trademarks
of The MITRE Corporation. CVE content is Copyright 2005, The
MITRE Corporation.
Details
Description
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) zTXt (png_handle_zTXt) chunks in PNG images, which trigger out-of-bounds read operations.
References
Source | Reference
BUGTRAQ | 20071112 FLEA-2007-0065-1 libpng
BUGTRAQ | 20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK
BUGTRAQ | 20080318 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
BUGTRAQ | 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
FULLDISC | 20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
MLIST | [png-mng-implement] 20071004 Libpng-1.2.21 and libpng-1.0.29 released
MLIST | [security-announce] 20080317 VMSA-2008-0005 Updated VMware Workstation, VMware Player, VMware Server, VMware ACE, and VMware Fusion resolve critical security issues
MISC | http://www.coresecurity.com/?action=item&id=2148
CONFIRM | https://issues.rpath.com/browse/RPL-1814
CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=327791
CONFIRM | https://bugzilla.redhat.com/show_bug.cgi?id=337461
CONFIRM | http://bugs.gentoo.org/show_bug.cgi?id=195261
CONFIRM | http://support.avaya.com/elmodocs2/security/ASA-2007-460.htm
CONFIRM | http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
CONFIRM | http://docs.info.apple.com/article.html?artnum=307562
CONFIRM | http://www.vmware.com/security/advisories/VMSA-2008-0005.html
CONFIRM | http://www.vmware.com/support/ace2/doc/releasenotes_ace2.html
CONFIRM | http://www.vmware.com/support/player/doc/releasenotes_player.html
CONFIRM | http://www.vmware.com/support/player2/doc/releasenotes_player2.html
CONFIRM | http://www.vmware.com/support/server/doc/releasenotes_server.html
CONFIRM | http://www.vmware.com/support/ws55/doc/releasenotes_ws55.html
CONFIRM | http://www.vmware.com/support/ws6/doc/releasenotes_ws6.html
CONFIRM | http://www.vmware.com/security/advisories/VMSA-2008-0014.html
CONFIRM | http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
APPLE | APPLE-SA-2008-03-18
APPLE | APPLE-SA-2008-05-28
DEBIAN | DSA-1750
FEDORA | FEDORA-2007-2521
FEDORA | FEDORA-2007-2666
FEDORA | FEDORA-2007-734
GENTOO | GLSA-200711-08
GENTOO | GLSA-200805-07
GENTOO | GLSA-201209-25
MANDRIVA | MDKSA-2007:217
REDHAT | RHSA-2007:0992
SLACKWARE | SSA:2007-325-01
SUNALERT | 259989
SUNALERT | 1020521
SUSE | SUSE-SR:2007:025
UBUNTU | USN-538-1
CERT | TA08-150A
BID | 25956
BID | 28276
OVAL | oval:org.mitre.oval:def:10614
SECUNIA | 34388
SECUNIA | 35302
SECUNIA | 35386
VUPEN | ADV-2007-3390
VUPEN | ADV-2008-0924
VUPEN | ADV-2008-0905
VUPEN | ADV-2008-1697
VUPEN | ADV-2008-2466
SECTRACK | 1018849
SECUNIA | 27093
SECUNIA | 27284
SECUNIA | 27405
SECUNIA | 27369
SECUNIA | 27391
SECUNIA | 27492
SECUNIA | 27529
SECUNIA | 27662
SECUNIA | 27629
SECUNIA | 27746
SECUNIA | 27965
SECUNIA | 29420
SECUNIA | 30161
SECUNIA | 30430
SECUNIA | 31712
SECUNIA | 31713
VUPEN | ADV-2009-1462
VUPEN | ADV-2009-1560
Copyright © 2005 The MITRE Corporation.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright
information.