FreeBSD : png -- heap overflow for 32-bit builds (c564f9bd-8ba7-11e4-801f-0022156e8794)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

32-bit builds of PNG library are vulnerable to an unsigned integer
overflow that is triggered by a crafted wide interlaced images.
Overflow results in a heap corruption that will crash the application
and may lead to the controlled overwrite of a selected portions of
process address space.

See also :

http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt
http://www.nessus.org/u?6b06e7d5
http://www.nessus.org/u?573c73b4

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 80352 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now