FreeBSD : png -- multiple vulnerabilities (172acf78-780c-11dc-b3f4-0016179b2dd5)

Medium Nessus Plugin ID 26977


The remote FreeBSD host is missing a security-related update.


A Secunia Advisory reports :

Some vulnerabilities have been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service).

Certain errors within libpng, including a logical NOT instead of a bitwise NOT in pngtrtran.c, an error in the 16bit cheap transparency extension, and an incorrect use of sizeof() may be exploited to crash an application using the library.

Various out-of-bounds read errors exist within the functions png_handle_pCAL(), png_handle_sCAL(), png_push_read_tEXt(), png_handle_iTXt(), and png_handle_ztXt(), which may be exploited by exploited to crash an application using the library.

The vulnerability is caused due to an off-by-one error within the ICC profile chunk handling, which potentially can be exploited to crash an application using the library.


Update the affected package.

See Also

Plugin Details

Severity: Medium

ID: 26977

File Name: freebsd_pkg_172acf78780c11dcb3f40016179b2dd5.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2007/10/12

Modified: 2016/12/08

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:png, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2007/10/11

Vulnerability Publication Date: 2007/10/08

Reference Information

CVE: CVE-2007-5266, CVE-2007-5267, CVE-2007-5268, CVE-2007-5269

Secunia: 27093, 27130

CWE: 20, 189