CVE-2010-2249

Priority
Medium
Description
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3,
allows remote attackers to cause a denial of service (memory consumption
and application crash) via a PNG image containing malformed Physical Scale
(aka sCAL) chunks.
References
Bugs
Notes
 jdstrand> chromium uses libpng on Ubuntu 10.04 and later
 jdstrand> firefox uses libpng on Ubuntu 10.04 and later
Package
Upstream:released (1.2.44,1.4.3)
Patches:
Upstream:http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20
Package
Upstream:needs-triage
Package
Upstream:needs-triage
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:38:41 UTC (commit 9756)