This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated libpng packages that fix a possible buffer overflow are now
The libpng package contains a library of functions for creating and
manipulating PNG (Portable Network Graphics) image format files.
During an audit of Red Hat Linux updates, the Fedora Legacy team found
a security issue in libpng that had not been fixed in Red Hat
Enterprise Linux 3. An attacker could carefully craft a PNG file in
such a way that it would cause an application linked to libpng to
crash or potentially execute arbitrary code when opened by a victim.
Note: this issue does not affect Red Hat Enterprise Linux 2.1
Users are advised to upgrade to these updated packages that contain a
backported security fix and are not vulnerable to this issue.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Red Hat Local Security Checks
Nessus Plugin ID: 12507 ()
CVE ID: CVE-2002-1363
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.