CVE-2010-1205

Priority
Medium
Description
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before
1.4.3, as used in progressive applications, might allow remote attackers to
execute arbitrary code via a PNG image that triggers an additional data
row.
References
Bugs
Package
Upstream:released (1.2.44,1.4.3)
Ubuntu 8.04 LTS (Hardy Heron):released (1.2.15~beta5-3ubuntu0.3)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.2.42-1ubuntu2.1)
Package
Upstream:released (3.0.6)
Ubuntu 8.04 LTS (Hardy Heron):not-affected
Ubuntu 10.04 LTS (Lucid Lynx):released (3.0.6+build2+nobinonly-0ubuntu0.10.04.1)
Package
Upstream:released (5.0.375.99)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Ubuntu 10.04 LTS (Lucid Lynx):released (6.0.472.53~r57914-0ubuntu0.10.04.1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):ignored (uses system libpng)
Ubuntu 10.04 LTS (Lucid Lynx):released (3.6.7+build2+nobinonly-0ubuntu0.10.04.1)
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):released (1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2)
Ubuntu 10.04 LTS (Lucid Lynx):released (1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:20:50 UTC (commit 5347)