Lucene search

K
vmwareVMwareVMSA-2009-0010.1
HistoryAug 20, 2009 - 12:00 a.m.

VMware Hosted products update libpng and Apache HTTP Server

2009-08-2000:00:00
www.vmware.com
50

EPSS

0.857

Percentile

98.6%

a. Third Party Library libpng Updated to 1.2.35Several flaws were discovered in the way third party library libpnghandled uninitialized pointers. An attacker could create a PNG imagefile in such a way, that when loaded by an application linked tolibpng, it could cause the application to crash or execute arbitrarycode at the privilege level of the user that runs the application.The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CVE-2009-0040 to this issue.The following table lists what action remediates the vulnerability(column 4) if a solution is available.