10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Chris Evans discovered several vulnerabilities in libpng:
CAN-2004-0597
Multiple buffer overflows exist, including when
handling transparency chunk data, which could be exploited to cause
arbitrary code to be executed when a specially crafted PNG image is
processed
CAN-2004-0598
Multiple NULL pointer dereferences in
png_handle_iCPP() and elsewhere could be exploited to cause an
application to crash when a specially crafted PNG image is processed
CAN-2004-0599
Multiple integer overflows in the png_handle_sPLT(),
png_read_png() functions and elsewhere could be exploited to cause an
application to crash, or potentially arbitrary code to be executed,
when a specially crafted PNG image is processed
In addition, a bug related to CAN-2002-1363 was fixed:
For the current stable distribution (woody), these problems have been
fixed in libpng3 version 1.2.1-1.1.woody.7 and libpng version
1.0.12-3.woody.7.
For the unstable distribution (sid), these problems will be fixed soon.
We recommend that you update your libpng and libpng3 packages.