CVE-2008-1382

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory.

References

http://libpng.sourceforge.net/Advisory-1.2.26.txt

http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html

http://secunia.com/advisories/29678

http://secunia.com/advisories/29792

http://secunia.com/advisories/29957

http://secunia.com/advisories/29992

http://secunia.com/advisories/30009

http://secunia.com/advisories/30157

http://secunia.com/advisories/30174

http://secunia.com/advisories/30402

http://secunia.com/advisories/30486

http://secunia.com/advisories/31882

http://secunia.com/advisories/33137

http://secunia.com/advisories/34152

http://secunia.com/advisories/34388

http://secunia.com/advisories/35074

http://secunia.com/advisories/35258

http://secunia.com/advisories/35302

http://secunia.com/advisories/35386

http://security.gentoo.org/glsa/glsa-200804-15.xml

http://security.gentoo.org/glsa/glsa-200805-10.xml

http://security.gentoo.org/glsa/glsa-200812-15.xml

http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.541247

http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1

http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1

http://support.apple.com/kb/HT3549

http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0151

http://www.debian.org/security/2009/dsa-1750

http://www.mandriva.com/security/advisories?name=MDVSA-2008:156

http://www.ocert.org/advisories/ocert-2008-003.html

http://www.osvdb.org/44364

http://www.redhat.com/support/errata/RHSA-2009-0333.html

http://www.securityfocus.com/archive/1/490823/100/0/threaded

http://www.securityfocus.com/archive/1/491424/100/0/threaded

http://www.securityfocus.com/archive/1/503912/100/0/threaded

http://www.securityfocus.com/bid/28770

http://www.securitytracker.com/id?1019840

http://www.us-cert.gov/cas/techalerts/TA08-260A.html

http://www.us-cert.gov/cas/techalerts/TA09-133A.html

http://www.vmware.com/security/advisories/VMSA-2009-0007.html

http://www.vupen.com/english/advisories/2008/1225/references

http://www.vupen.com/english/advisories/2008/2584

http://www.vupen.com/english/advisories/2009/1297

http://www.vupen.com/english/advisories/2009/1451

http://www.vupen.com/english/advisories/2009/1462

http://www.vupen.com/english/advisories/2009/1560

https://exchange.xforce.ibmcloud.com/vulnerabilities/41800

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10326

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6275

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00033.html

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00080.html

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00111.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00721.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00951.html

https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00960.html

Details

Source: MITRE

Published: 2008-04-14

Updated: 2018-10-11

Type: CWE-189

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:1.0.6:a:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:d:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:e:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:f:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:g:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:h:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:i:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.6:j:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.7:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.8:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.9:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.10:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.10:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.11:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.12:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.15:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.19:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.21:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.22:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.23:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.24:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.25:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.27:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.28:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.29:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.30:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.31:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.0:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.1:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.2:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.3:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.4:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.5:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.6:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.7:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.7:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.8:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.9:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.10:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.11:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.13:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.14:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.15:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.16:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.17:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta19:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta20:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta22:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta23:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta24:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta25:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta26:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta27:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta28:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta29:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta30:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta31:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:beta9:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.19:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.20:rc6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.21:rc3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta2-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta3-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:beta4-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:rc1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.22:rc1-1.2.21:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.23:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.24:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:beta06:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.25:rc02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta02:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta03:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta04:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta05:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:beta06:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.2.26:rc01:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta1:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta10:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta11:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta12:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta13:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta14:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta15:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta16:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta17:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta18:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta19:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta2:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta3:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta4:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta5:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta6:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta7:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta8:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:1.4:beta9:*:*:*:*:*:*

Tenable Plugins

View all (38 total)

IDNameProductFamilySeverity
107983Solaris 10 (x86) : 137081-10NessusSolaris Local Security Checks
high
107982Solaris 10 (x86) : 137081-09NessusSolaris Local Security Checks
high
107981Solaris 10 (x86) : 137081-07NessusSolaris Local Security Checks
high
107485Solaris 10 (sparc) : 137080-10NessusSolaris Local Security Checks
high
107484Solaris 10 (sparc) : 137080-09NessusSolaris Local Security Checks
high
107483Solaris 10 (sparc) : 137080-07NessusSolaris Local Security Checks
high
79961GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010NessusGentoo Local Security Checks
critical
67815Oracle Linux 4 / 5 : libpng (ELSA-2009-0333)NessusOracle Linux Local Security Checks
high
60539Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
43731CentOS 4 : libpng (CESA-2009:0333)NessusCentOS Local Security Checks
high
41209SuSE9 Security Update : libpng (YOU Patch Number 12141)NessusSuSE Local Security Checks
high
40392VMSA-2009-0007 : VMware Hosted products and ESX and ESXi patches resolve security issuesNessusVMware ESX Local Security Checks
high
40036openSUSE Security Update : libpng-devel (libpng-devel-66)NessusSuSE Local Security Checks
high
38744Mac OS X 10.5.x < 10.5.7 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
38060Mandriva Linux Security Advisory : libpng (MDVSA-2008:156)NessusMandriva Local Security Checks
high
37042Ubuntu 6.06 LTS / 7.10 / 8.04 LTS / 8.10 : libpng vulnerabilities (USN-730-1)NessusUbuntu Local Security Checks
high
35988Debian DSA-1750-1 : libpng - several vulnerabilitiesNessusDebian Local Security Checks
high
35775RHEL 2.1 / 4 / 5 : libpng (RHSA-2009:0333)NessusRed Hat Local Security Checks
high
35107GLSA-200812-15 : POV-Ray: User-assisted execution of arbitrary codeNessusGentoo Local Security Checks
high
4682Mac OS X < 10.5.5 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
34211Mac OS X 10.5.x < 10.5.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
34210Mac OS X Multiple Vulnerabilities (Security Update 2008-006)NessusMacOS X Local Security Checks
critical
33082Fedora 7 : libpng-1.2.29-1.fc7 (2008-4947)NessusFedora Local Security Checks
high
33081Fedora 9 : libpng-1.2.29-1.fc9 (2008-4910)NessusFedora Local Security Checks
high
33079Fedora 8 : libpng-1.2.29-1.fc8 (2008-4847)NessusFedora Local Security Checks
high
32460Fedora 7 : libpng10-1.0.37-1.fc7 (2008-3979)NessusFedora Local Security Checks
high
32459Fedora 8 : libpng10-1.0.37-1.fc8 (2008-3937)NessusFedora Local Security Checks
high
32458Fedora 9 : libpng10-1.0.37-1.fc9 (2008-3683)NessusFedora Local Security Checks
high
32301GLSA-200805-10 : Pngcrush: User-assisted execution of arbitrary codeNessusGentoo Local Security Checks
high
32110FreeBSD : png -- unknown chunk processing uninitialized memory access (57c705d6-12ae-11dd-bab7-0016179b2dd5)NessusFreeBSD Local Security Checks
high
32083Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2008-119-01)NessusSlackware Local Security Checks
high
32052SuSE 10 Security Update : libpng (ZYPP Patch Number 5181)NessusSuSE Local Security Checks
high
32024openSUSE 10 Security Update : libpng (libpng-5180)NessusSuSE Local Security Checks
high
31962GLSA-200804-15 : libpng: Execution of arbitrary codeNessusGentoo Local Security Checks
high
31337Solaris 10 (x86) : 137081-11 (deprecated)NessusSolaris Local Security Checks
high
31333Solaris 10 (sparc) : 137080-11 (deprecated)NessusSolaris Local Security Checks
high
5023Mac OS X 10.5 < 10.5.7 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
800792Mac OS X 10.5 < 10.5.7 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high