GLSA-200804-15 : libpng: Execution of arbitrary code

high Nessus Plugin ID 31962

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200804-15 (libpng: Execution of arbitrary code).

Tavis Ormandy of the Google Security Team discovered that libpng does not handle zero-length unknown chunks in PNG files correctly, which might lead to memory corruption in applications that call png_set_read_user_chunk_fn() or png_set_keep_unknown_chunks().

Impact:

A remote attacker could entice a user or automated system to process a specially crafted PNG image in an application using libpng and possibly execute arbitrary code with the privileges of the user running the application. Note that processing of unknown chunks is disabled by default in most PNG applications, but some, such as ImageMagick, are affected.

Workaround:

There is no known workaround at this time.

Solution

All libpng users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.26-r1'

See Also

https://security.gentoo.org/glsa/200804-15

Plugin Details

Severity: High

ID: 31962

File Name: gentoo_GLSA-200804-15.nasl

Version: 1.16

Type: local

Published: 4/17/2008

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:libpng, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list

Exploit Ease: No known exploits are available

Patch Publication Date: 4/15/2008

Reference Information

CVE: CVE-2008-1382

BID: 28770

CWE: 189

GLSA: 200804-15