CVE-2010-1205

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

References

http://blackberry.com/btsc/KB27244

http://code.google.com/p/chromium/issues/detail?id=45983

http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18

http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://lists.vmware.com/pipermail/security-announce/2010/000105.html

http://secunia.com/advisories/40302

http://secunia.com/advisories/40336

http://secunia.com/advisories/40472

http://secunia.com/advisories/40547

http://secunia.com/advisories/41574

http://secunia.com/advisories/42314

http://secunia.com/advisories/42317

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061

http://support.apple.com/kb/HT4312

http://support.apple.com/kb/HT4435

http://support.apple.com/kb/HT4456

http://support.apple.com/kb/HT4457

http://support.apple.com/kb/HT4554

http://support.apple.com/kb/HT4566

http://trac.webkit.org/changeset/61816

http://www.debian.org/security/2010/dsa-2072

http://www.libpng.org/pub/png/libpng.html

http://www.mandriva.com/security/advisories?name=MDVSA-2010:133

http://www.mozilla.org/security/announce/2010/mfsa2010-41.html

http://www.securityfocus.com/bid/41174

http://www.ubuntu.com/usn/USN-960-1

http://www.vmware.com/security/advisories/VMSA-2010-0014.html

http://www.vupen.com/english/advisories/2010/1612

http://www.vupen.com/english/advisories/2010/1637

http://www.vupen.com/english/advisories/2010/1755

http://www.vupen.com/english/advisories/2010/1837

http://www.vupen.com/english/advisories/2010/1846

http://www.vupen.com/english/advisories/2010/1877

http://www.vupen.com/english/advisories/2010/2491

http://www.vupen.com/english/advisories/2010/3045

http://www.vupen.com/english/advisories/2010/3046

https://bugs.webkit.org/show_bug.cgi?id=40798

https://bugzilla.mozilla.org/show_bug.cgi?id=570451

https://bugzilla.redhat.com/show_bug.cgi?id=608238

https://exchange.xforce.ibmcloud.com/vulnerabilities/59815

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851

Details

Source: MITRE

Published: 2010-06-30

Updated: 2020-08-14

Type: CWE-120

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions from 2.0 to 4.1 (inclusive)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*

cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*

Configuration 7

OR

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

Configuration 8

OR

cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Configuration 9

OR

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Tenable Plugins

View all (83 total)

IDNameProductFamilySeverity
79964GLSA-201412-11 : AMD64 x86 emulation base libraries: Multiple vulnerabilities (Heartbleed)NessusGentoo Local Security Checks
critical
79961GLSA-201412-08 : Multiple packages, Multiple vulnerabilities fixed in 2010NessusGentoo Local Security Checks
critical
75731openSUSE Security Update : seamonkey (openSUSE-SU-2010:0430-1)NessusSuSE Local Security Checks
high
75669openSUSE Security Update : mozilla-xulrunner191 (mozilla-xulrunner191-2779)NessusSuSE Local Security Checks
high
75658openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)NessusSuSE Local Security Checks
high
75646openSUSE Security Update : MozillaFirefox (MozillaFirefox-2807)NessusSuSE Local Security Checks
critical
68068Oracle Linux 4 / 5 : firefox (ELSA-2010-0547)NessusOracle Linux Local Security Checks
high
68067Oracle Linux 3 / 4 : seamonkey (ELSA-2010-0546)NessusOracle Linux Local Security Checks
high
68063Oracle Linux 3 / 4 / 5 : libpng (ELSA-2010-0534)NessusOracle Linux Local Security Checks
high
63939RHEL 5 : thunderbird (RHSA-2010:0545)NessusRed Hat Local Security Checks
critical
63402GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)NessusGentoo Local Security Checks
critical
60822Scientific Linux Security Update : thunderbird on SL5.x i386/x86_64NessusScientific Linux Local Security Checks
critical
60820Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64NessusScientific Linux Local Security Checks
high
60818Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
60816Scientific Linux Security Update : libpng on SL3.x, SL4.x, SL5.x i386/x86_64NessusScientific Linux Local Security Checks
high
55819BlackBerry Enterprise Server PNG and TIFF Image Processing Vulnerabilities (KB27244)NessusWindows
critical
801013Safari < 5.0.4 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5813Safari < 5.0.4 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
52613Safari < 5.0.4 Multiple VulnerabilitiesNessusWindows
high
5806iTunes < 10.2 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
52535Apple iTunes < 10.2 Multiple Vulnerabilities (uncredentialed check)NessusPeer-To-Peer File Sharing
high
52534Apple iTunes < 10.2 Multiple Vulnerabilities (credentialed check)NessusWindows
high
50941SuSE 11 / 11.1 Security Update : libpng (SAT Patch Numbers 3045 / 3046)NessusSuSE Local Security Checks
high
50874SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2780 / 2781)NessusSuSE Local Security Checks
high
5715Apple iOS < 4.2 Multiple VulnerabilitiesNessus Network MonitorMobile Devices
critical
800791Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesLog Correlation EngineOperating System Detection
high
5705Mac OS X 10.6 < 10.6.5 Multiple VulnerabilitiesNessus Network MonitorGeneric
critical
50549Mac OS X Multiple Vulnerabilities (Security Update 2010-007)NessusMacOS X Local Security Checks
high
50548Mac OS X 10.6.x < 10.6.5 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
49894SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7101)NessusSuSE Local Security Checks
high
49882SuSE 10 Security Update : libpng (ZYPP Patch Number 7144)NessusSuSE Local Security Checks
high
49771GLSA-201010-01 : Libpng: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
49193openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0594-1)NessusSuSE Local Security Checks
high
49192openSUSE Security Update : libpng-devel (openSUSE-SU-2010:0594-1)NessusSuSE Local Security Checks
high
49191SuSE9 Security Update : libpng (YOU Patch Number 12642)NessusSuSE Local Security Checks
high
48424Mac OS X Multiple Vulnerabilities (Security Update 2010-005)NessusMacOS X Local Security Checks
high
48342CentOS 3 : seamonkey (CESA-2010:0546)NessusCentOS Local Security Checks
high
48192Mandriva Linux Security Advisory : libpng (MDVSA-2010:133)NessusMandriva Local Security Checks
high
47907openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)NessusSuSE Local Security Checks
high
47906openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)NessusSuSE Local Security Checks
high
47889Debian DSA-2075-1 : xulrunner - several vulnerabilitiesNessusDebian Local Security Checks
high
47881RHEL 4 / 5 : firefox (RHSA-2010:0547)NessusRed Hat Local Security Checks
high
47880RHEL 3 / 4 : seamonkey (RHSA-2010:0546)NessusRed Hat Local Security Checks
high
47876RHEL 3 / 4 / 5 : libpng (RHSA-2010:0534)NessusRed Hat Local Security Checks
high
47868openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)NessusSuSE Local Security Checks
high
47857Ubuntu 10.04 LTS : thunderbird vulnerabilities (USN-958-1)NessusUbuntu Local Security Checks
high
47856Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerability (USN-957-2)NessusUbuntu Local Security Checks
critical
47854openSUSE Security Update : seamonkey (openSUSE-SU-2010:0430-1)NessusSuSE Local Security Checks
high
47837Fedora 13 : mingw32-libpng-1.2.44-1.fc13 (2010-10793)NessusFedora Local Security Checks
high
47836Fedora 12 : mingw32-libpng-1.2.44-1.fc12 (2010-10776)NessusFedora Local Security Checks
high
47826Ubuntu 8.04 LTS / 10.04 LTS : firefox, firefox-3.0, xulrunner-1.9.2 vulnerabilities (USN-957-1)NessusUbuntu Local Security Checks
high
47825Ubuntu 9.04 / 9.10 : ant, apturl, epiphany-browser, gluezilla, gnome-python-extras, liferea, mozvoikko, openjdk-6, packagekit, ubufox, webfav, yelp update (USN-930-5)NessusUbuntu Local Security Checks
critical
47824Ubuntu 9.04 / 9.10 : firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities (USN-930-4)NessusUbuntu Local Security Checks
critical
47813Fedora 13 : sunbird-1.0-0.26.b2pre.fc13 / thunderbird-3.1.1-1.fc13 (2010-11379)NessusFedora Local Security Checks
high
47812Fedora 12 : firefox-3.5.11-1.fc12 / galeon-2.0.7-24.fc12 / gnome-python2-extras-2.25.3-19.fc12 / etc (2010-11375)NessusFedora Local Security Checks
high
47811Fedora 12 : seamonkey-2.0.6-1.fc12 (2010-11363)NessusFedora Local Security Checks
high
47810Fedora 12 : sunbird-1.0-0.23.20090916hg.fc12 / thunderbird-3.0.6-1.fc12 (2010-11361)NessusFedora Local Security Checks
critical
47809Fedora 13 : firefox-3.6.7-1.fc13 / galeon-2.0.7-30.fc13 / gnome-python2-extras-2.25.3-20.fc13 / etc (2010-11345)NessusFedora Local Security Checks
high
47807Fedora 13 : seamonkey-2.0.6-1.fc13 (2010-11327)NessusFedora Local Security Checks
high
47806CentOS 4 / 5 : firefox (CESA-2010:0547)NessusCentOS Local Security Checks
high
47805CentOS 5 : thunderbird (CESA-2010:0545)NessusCentOS Local Security Checks
critical
47794FreeBSD : mozilla -- multiple vulnerabilities (8c2ea875-9499-11df-8e32-000f20797ede)NessusFreeBSD Local Security Checks
high
47781Firefox < 3.5.11 Multiple VulnerabilitiesNessusWindows
high
800871SeaMonkey 2.0.x < 2.0.6 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
800782Firefox 3.5.x < 3.5.11 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
800780Firefox 3.6.x < 3.6.7 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
5610SeaMonkey 2.0.x < 2.0.6 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
5609Mozilla Thunderbird 3.1.x < 3.1.1 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
5608Mozilla Thunderbird 3.0.x < 3.0.6 Multiple VulnerabilitiesNessus Network MonitorSMTP Clients
medium
5607Mozilla Firefox 3.6.x < 3.6.7 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
5606Mozilla Firefox 3.5.x < 3.5.11 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
47785SeaMonkey < 2.0.6 Multiple Vulnerabilities NessusWindows
high
47784Mozilla Thunderbird 3.1.x < 3.1.1 Multiple VulnerabilitiesNessusWindows
high
47783Mozilla Thunderbird < 3.0.6 Multiple VulnerabilitiesNessusWindows
high
47772Fedora 12 : libpng10-1.0.54-1.fc12 (2010-10833)NessusFedora Local Security Checks
high
47771Fedora 13 : libpng10-1.0.54-1.fc13 (2010-10823)NessusFedora Local Security Checks
high
47767Debian DSA-2072-1 : libpng - several vulnerabilitiesNessusDebian Local Security Checks
high
47741CentOS 3 / 4 / 5 : libpng / libpng10 (CESA-2010:0534)NessusCentOS Local Security Checks
high
47695Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libpng vulnerabilities (USN-960-1)NessusUbuntu Local Security Checks
high
47599Fedora 12 : libpng-1.2.44-1.fc12 (2010-10592)NessusFedora Local Security Checks
high
47587Fedora 13 : libpng-1.2.44-1.fc13 (2010-10557)NessusFedora Local Security Checks
high
47562Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 8.1 / 9.0 / 9.1 / current : libpng (SSA:2010-180-01)NessusSlackware Local Security Checks
high
47155FreeBSD : png -- libpng decompression buffer overflow (edef3f2f-82cf-11df-bcce-0018f3e2eb82)NessusFreeBSD Local Security Checks
high