CVE-2009-2042
CVE-2009-2042
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://archives.neohapsis.com/archives/bugtraq/2010-04/0077.htmlhttp://archives.neohapsis.com/archives/fulldisclosure/2010-04/0121.htmlhttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.htmlhttp://lists.vmware.com/pipermail/security-announce/2010/000090.htmlhttp://secunia.com/advisories/35346http://secunia.com/advisories/35470http://secunia.com/advisories/35524http://secunia.com/advisories/35594http://secunia.com/advisories/39206http://secunia.com/advisories/39215http://secunia.com/advisories/39251http://security.gentoo.org/glsa/glsa-200906-01.xml