Back to search
CVE-2008-1382
Published: Apr 14, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SR:2008:010
vendor-advisory
x_refsource_SUSE
RHSA-2009:0333
vendor-advisory
x_refsource_REDHAT
35386
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1225
vdb-entry
x_refsource_VUPEN
30157
third-party-advisory
x_refsource_SECUNIA
30174
third-party-advisory
x_refsource_SECUNIA
1020521
vendor-advisory
x_refsource_SUNALERT
http://support.apple.com/kb/HT3549
x_refsource_CONFIRM
APPLE-SA-2008-09-15
vendor-advisory
x_refsource_APPLE
44364
vdb-entry
x_refsource_OSVDB
ADV-2009-1560
vdb-entry
x_refsource_VUPEN
34388
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1462
vdb-entry
x_refsource_VUPEN
GLSA-200805-10
vendor-advisory
x_refsource_GENTOO
FEDORA-2008-4910
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-3937
vendor-advisory
x_refsource_FEDORA
30486
third-party-advisory
x_refsource_SECUNIA
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0151
x_refsource_CONFIRM
http://www.vmware.com/security/advisories/VMSA-2009-0007.html
x_refsource_CONFIRM
TA08-260A
third-party-advisory
x_refsource_CERT
30402
third-party-advisory
x_refsource_SECUNIA
259989
vendor-advisory
x_refsource_SUNALERT
35302
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-4847
vendor-advisory
x_refsource_FEDORA
SSA:2008-119-01
vendor-advisory
x_refsource_SLACKWARE
20080429 rPSA-2008-0151-1 libpng
mailing-list
x_refsource_BUGTRAQ
35074
third-party-advisory
x_refsource_SECUNIA
ADV-2008-2584
vdb-entry
x_refsource_VUPEN
29792
third-party-advisory
x_refsource_SECUNIA
1019840
vdb-entry
x_refsource_SECTRACK
ADV-2009-1451
vdb-entry
x_refsource_VUPEN
APPLE-SA-2009-05-12
vendor-advisory
x_refsource_APPLE
31882
third-party-advisory
x_refsource_SECUNIA
GLSA-200804-15
vendor-advisory
x_refsource_GENTOO
29992
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-3683
vendor-advisory
x_refsource_FEDORA
20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
mailing-list
x_refsource_BUGTRAQ
29678
third-party-advisory
x_refsource_SECUNIA
libpng-zero-length-code-execution(41800)
vdb-entry
x_refsource_XF
GLSA-200812-15
vendor-advisory
x_refsource_GENTOO
DSA-1750
vendor-advisory
x_refsource_DEBIAN
http://www.ocert.org/advisories/ocert-2008-003.html
x_refsource_MISC
20080414 [oCERT-2008-003] libpng zero-length chunks incorrect handling
mailing-list
x_refsource_BUGTRAQ
http://libpng.sourceforge.net/Advisory-1.2.26.txt
x_refsource_CONFIRM
oval:org.mitre.oval:def:10326
vdb-entry
signature
x_refsource_OVAL
TA09-133A
third-party-advisory
x_refsource_CERT
ADV-2009-1297
vdb-entry
x_refsource_VUPEN
33137
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6275
vdb-entry
signature
x_refsource_OVAL
34152
third-party-advisory
x_refsource_SECUNIA
MDVSA-2008:156
vendor-advisory
x_refsource_MANDRIVA
35258
third-party-advisory
x_refsource_SECUNIA
30009
third-party-advisory
x_refsource_SECUNIA
28770
vdb-entry
x_refsource_BID
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
x_refsource_CONFIRM
29957
third-party-advisory
x_refsource_SECUNIA
FEDORA-2008-3979
vendor-advisory
x_refsource_FEDORA
FEDORA-2008-4947
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now