6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.877 High
EPSS
Percentile
98.6%
a. Third Party Library libpng Updated to 1.2.35Several flaws were discovered in the way third party library libpnghandled uninitialized pointers. An attacker could create a PNG imagefile in such a way, that when loaded by an application linked tolibpng, it could cause the application to crash or execute arbitrarycode at the privilege level of the user that runs the application.The Common Vulnerabilities and Exposures project (cve.mitre.org)has assigned the name CVE-2009-0040 to this issue.The following table lists what action remediates the vulnerability(column 4) if a solution is available.
CPE | Name | Operator | Version |
---|---|---|---|
workstation | lt | 6.5.3 build 185404 | |
player | lt | 2.5.3 build 185404 | |
ace | lt | 2.5.3 build 185404 | |
ace | lt | update Apache on host system |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1863
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3304
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040