FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5)

medium Nessus Plugin ID 26977

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

A Secunia Advisory reports :

Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).

Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency extension, and an incorrect use of sizeof() may be exploited to crash an application using the library.

Various out-of-bounds read errors exist within the functions png_handle_pCAL(), png_handle_sCAL(), png_push_read_tEXt(), png_handle_iTXt(), and png_handle_ztXt(), which may be exploited by exploited to crash an application using the library.

The vulnerability is caused due to an off-by-one error within the ICC profile chunk handling, which potentially can be exploited to crash an application using the library.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?0cf92e5d

Plugin Details

Severity: Medium

ID: 26977

File Name: freebsd_pkg_172acf78780c11dcb3f40016179b2dd5.nasl

Version: 1.16

Type: local

Published: 10/12/2007

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:png, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/11/2007

Vulnerability Publication Date: 10/8/2007

Reference Information

CVE: CVE-2007-5266, CVE-2007-5267, CVE-2007-5268, CVE-2007-5269

CWE: 189, 20

Secunia: 27093, 27130