CVE-2009-2042
CVE-2009-2042
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.htmlhttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000090.htmlhttp://secunia.com/advisories/35346http://secunia.com/advisories/35470http://secunia.com/advisories/35524http://secunia.com/advisories/35594http://secunia.com/advisories/39206http://secunia.com/advisories/39215http://secunia.com/advisories/39251http://security.gentoo.org/glsa/glsa-200906-01.xml