Detections
Analytics
Mandriva Linux Security Advisory : libpng (MDVSA-2010:133)
high Nessus Plugin ID 48192
Language:
Synopsis
The remote Mandriva Linux host is missing one or more security updates.Description
Multiple vulnerabilities has been found and corrected in libpng :Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file (CVE-2008-6218.
Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row (CVE-2010-1205).
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks (CVE-2010-2249).
As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory.
Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90
The updated packages have been patched to correct these issues.
Solution
Update the affected packages.Plugin Details
Severity: High
ID: 48192
File Name: mandriva_MDVSA-2010-133.nasl
Version: 1.14
Type: local
Family: Mandriva Local Security Checks
Published: 7/30/2010
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: p-cpe:/a:mandriva:linux:htmldoc, p-cpe:/a:mandriva:linux:htmldoc-nogui, p-cpe:/a:mandriva:linux:lib64png-devel, p-cpe:/a:mandriva:linux:lib64png-static-devel, p-cpe:/a:mandriva:linux:lib64png3, p-cpe:/a:mandriva:linux:lib64xulrunner-devel, p-cpe:/a:mandriva:linux:lib64xulrunner1.9.2.6, p-cpe:/a:mandriva:linux:libpng-devel, p-cpe:/a:mandriva:linux:libpng-source, p-cpe:/a:mandriva:linux:libpng-static-devel, p-cpe:/a:mandriva:linux:libpng3, p-cpe:/a:mandriva:linux:libxulrunner-devel, p-cpe:/a:mandriva:linux:libxulrunner1.9.2.6, p-cpe:/a:mandriva:linux:mozilla-thunderbird, p-cpe:/a:mandriva:linux:mozilla-thunderbird-enigmail, p-cpe:/a:mandriva:linux:nsinstall, p-cpe:/a:mandriva:linux:xulrunner, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2009.0, cpe:/o:mandriva:linux:2009.1, cpe:/o:mandriva:linux:2010.0, cpe:/o:mandriva:linux:2010.1
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 7/15/2010
Reference Information
CVE: CVE-2008-6218, CVE-2010-1205, CVE-2010-2249
CWE: 399
MDVSA: 2010:133