LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

libpng: denial of service

Package(s):libpng CVE #(s):CVE-2008-1382
Created:April 15, 2008 Updated:June 3, 2008
Description: From the CVE entry: libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
Alerts:
Gentoo 200804-15 2008-04-15
SuSE SUSE-SR:2008:010 2008-04-25
Slackware SSA:2008-119-01 2008-04-29
rPath rPSA-2008-0151-1 2008-04-29
Gentoo 200805-10 2008-05-11
Fedora FEDORA-2008-3979 2008-05-28
Fedora FEDORA-2008-3937 2008-05-28
Fedora FEDORA-2008-3683 2008-05-28
Fedora FEDORA-2008-4947 2008-06-03
Fedora FEDORA-2008-4847 2008-06-03
Fedora FEDORA-2008-4910 2008-06-03
(Log in to post comments)

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.