CVE-2008-1382

HIGH

Description

libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.

References

http://libpng.sourceforge.net/Advisory-1.2.26.txt

http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html

http://secunia.com/advisories/29678

http://secunia.com/advisories/29792

http://secunia.com/advisories/29957

http://secunia.com/advisories/29992

http://secunia.com/advisories/30009

http://secunia.com/advisories/30157

http://secunia.com/advisories/30174

http://secunia.com/advisories/30402

http://secunia.com/advisories/30486

http://secunia.com/advisories/31882

http://secunia.com/advisories/33137

http://secunia.com/advisories/34152

http://secunia.com/advisories/34388

http://secunia.com/advisories/35074

http://secunia.com/advisories/35258

http://secunia.com/advisories/35302

http://secunia.com/advisories/35386

http://security.gentoo.org/glsa/glsa-200804-15.xml

http://security.gentoo.org/glsa/glsa-200805-10.xml

http://security.gentoo.org/glsa/glsa-200812-15.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.541247

http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1

http://support.apple.com/kb/HT3549

http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0151

http://www.debian.org/security/2009/dsa-1750

http://www.mandriva.com/security/advisories?name=MDVSA-2008:156

http://www.ocert.org/advisories/ocert-2008-003.html

http://www.osvdb.org/44364

http://www.redhat.com/support/errata/RHSA-2009-0333.html

http://www.securityfocus.com/archive/1/490823/100/0/threaded

http://www.securityfocus.com/archive/1/491424/100/0/threaded

http://www.securityfocus.com/archive/1/503912/100/0/threaded

http://www.securityfocus.com/bid/28770

http://www.securitytracker.com/id?1019840

http://www.us-cert.gov/cas/techalerts/TA08-260A.html

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vmware.com/security/advisories/VMSA-2009-0007.html

http://www.vupen.com/english/advisories/2008/1225/references

http://www.vupen.com/english/advisories/2008/2584

http://www.vupen.com/english/advisories/2009/1297

http://www.vupen.com/english/advisories/2009/1451

http://www.vupen.com/english/advisories/2009/1462

http://www.vupen.com/english/advisories/2009/1560

https://exchange.xforce.ibmcloud.com/vulnerabilities/41800

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10326

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6275

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00033.html

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00080.html

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00111.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00721.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00951.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00960.html

Details

Source: MITRE

Published: 2008-04-14

Updated: 2018-10-11

Type: CWE-189

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:1.0.6:a:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:d:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:e:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:f:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:g:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:h:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:i:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:j:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.10:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.10:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.22:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.24:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.30:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.31:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.7:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.7:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta19:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta20:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta22:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta23:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta24:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta25:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta26:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta27:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta28:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta29:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta30:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta31:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.21:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta06:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:rc02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta06:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta19:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta9:*:*:*:*:*:*

Tenable Plugins

View all (38 total)

IDNameProductFamilySeverity
107983Solaris 10 (x86) : 137081-10NessusSolaris Local Security Checks
high
107982Solaris 10 (x86) : 137081-09NessusSolaris Local Security Checks
high
107981Solaris 10 (x86) : 137081-07NessusSolaris Local Security Checks
high
107485Solaris 10 (sparc) : 137080-10NessusSolaris Local Security Checks
high
107484Solaris 10 (sparc) : 137080-09NessusSolaris Local Security Checks
high
107483Solaris 10 (sparc) : 137080-07NessusSolaris Local Security Checks
high
79961GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010NessusGentoo Local Security Checks
critical
67815Oracle Linux 4 / 5 : libpng (ELSA-2009-0333)NessusOracle Linux Local Security Checks
high
60539Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
43731CentOS 4 : libpng (CESA-2009:0333)NessusCentOS Local Security Checks
high
41209SuSE9 Security Update : libpng (YOU Patch Number 12141)NessusSuSE Local Security Checks
high
40392VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issuesNessusVMware ESX Local Security Checks
high
40036openSUSE Security Update : libpng-devel (libpng-devel-66)NessusSuSE Local Security Checks
high
38744Mac OS X 10.5.x < 10.5.7 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
38060Mandriva Linux Security Advisory : libpng (MDVSA-2008:156)NessusMandriva Local Security Checks
high
37042Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)NessusUbuntu Local Security Checks
high
35988Debian DSA-1750-1 : libpng - several vulnerabilitiesNessusDebian Local Security Checks
high
35775RHEL 2.1 / 4 / 5 : libpng (RHSA-2009:0333)NessusRed Hat Local Security Checks
high
35107GLSA-200812-15 : POV-Ray: User-assisted execution of arbitrary codeNessusGentoo Local Security Checks
high
4682Mac OS X < 10.5.5 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
34211Mac OS X 10.5.x < 10.5.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
34210Mac OS X Multiple Vulnerabilities (Security Update 2008-006)NessusMacOS X Local Security Checks
critical
33082Fedora 7 : libpng-1.2.29-1.fc7 (2008-4947)NessusFedora Local Security Checks
high
33081Fedora 9 : libpng-1.2.29-1.fc9 (2008-4910)NessusFedora Local Security Checks
high
33079Fedora 8 : libpng-1.2.29-1.fc8 (2008-4847)NessusFedora Local Security Checks
high
32460Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)NessusFedora Local Security Checks
high
32459Fedora 8 : libpng10-1.0.37-1.fc8 (2008-3937)NessusFedora Local Security Checks
high
32458Fedora 9 : libpng10-1.0.37-1.fc9 (2008-3683)NessusFedora Local Security Checks
high
32301GLSA-200805-10 : Pngcrush: User-assisted execution of arbitrary codeNessusGentoo Local Security Checks
high
32110FreeBSD : png -- unknown chunk processing uninitialized memory access (57c705d6-12ae-11dd-bab7-0016179b2dd5)NessusFreeBSD Local Security Checks
high
32083Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2008-119-01)NessusSlackware Local Security Checks
high
32052SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)NessusSuSE Local Security Checks
high
32024openSUSE 10 Security Update : libpng (libpng-5180)NessusSuSE Local Security Checks
high
31962GLSA-200804-15 : libpng: Execution of arbitrary codeNessusGentoo Local Security Checks
high
31337Solaris 10 (x86) : 137081-11 (deprecated)NessusSolaris Local Security Checks
high
31333Solaris 10 (sparc) : 137080-11 (deprecated)NessusSolaris Local Security Checks
high
5023Mac OS X 10.5 < 10.5.7 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
800792Mac OS X 10.5 < 10.5.7 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high