Doxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities :

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to 'chunk error processing,' possibly involving the 'chunk_name'. (CVE-2006-3334)

It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12.

Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered a typo in png_set_sPLT() that may cause an application using libpng to read out of bounds, resulting in a crash. (CVE-2006-5793)

In addition, an patch to address several old vulnerabilities has been applied to this build. (CVE-2002-1363, CVE-2004-0421, CVE-2004-0597, CVE-2004-0598, CVE-2004-0599)

Packages have been patched to correct these issues.

Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly which causes a buffer overrun beyond the beginning of the row buffer.

Updated mICQ packages are available which fix a remote crash.

mICQ is an online messaging and conferencing program.

mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character.

Users of mICQ are advised to upgrade to these erratum packages containing mICQ version 0.4.10.2 which is not vulnerable to this issue.

A buffer overflow vulnerability was discovered in libpng due to a wrong calculation of some loop offset values. This buffer overflow can lead to Denial of Service or even remote compromise.

After the upgrade, all applications that use libpng should be restarted. Many applications are linked to libpng, so if you are unsure of what applications to restart, you may wish to reboot the system. MandrakeSoft encourages all users to upgrade immediately.

Chromium is an OpenGL-based shoot them up game with fine graphics. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities :

Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to 'chunk error processing,' possibly involving the 'chunk_name'. (CVE-2006-3334)

It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12.

In addition, an patch to address several old vulnerabilities has been applied to this build. (CVE-2002-1363, CVE-2004-0421, CVE-2004-0597, CVE-2004-0598, CVE-2004-0599)

Packages have been patched to correct these issues.

The remote host is missing Security Update 2004-08-09.

libpng is a library used for manipulating graphics files.  Several buffer overflows have been discovered in libpng.  A remote attacker could exploit these vulnerabilities by tricking a user into opening a maliciously crafted PNG file, resulting in the execution of arbitrary code.

Updated libpng packages that fix a possible buffer overflow are now available.

The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

During an audit of Red Hat Linux updates, the Fedora Legacy team found a security issue in libpng that had not been fixed in Red Hat Enterprise Linux 3. An attacker could carefully craft a PNG file in such a way that it would cause an application linked to libpng to crash or potentially execute arbitrary code when opened by a victim.

Note: this issue does not affect Red Hat Enterprise Linux 2.1

Users are advised to upgrade to these updated packages that contain a backported security fix and are not vulnerable to this issue.

The remote host is affected by the vulnerability described in GLSA-200407-06 (libpng: Buffer overflow on row buffers)

    Due to a wrong calculation of loop offset values, libpng contains a buffer     overflow vulnerability on the row buffers. This vulnerability was initially     patched in January 2003 but since it has been discovered that libpng     contains the same vulnerability in two other places.
  Impact :

    An attacker could exploit this vulnerability to cause programs linked     against the library to crash or execute arbitrary code with the permissions     of the user running the vulnerable program, which could be the root user.
  Workaround :

    There is no known workaround at this time. All users are encouraged to     upgrade to the latest available version.

A buffer overflow vulnerability was discovered in libpng due to a wrong calculation of some loop offset values. This buffer overflow can lead to Denial of Service or even remote compromise.

This vulnerability was initially patched in January of 2003, but it has since been noted that fixes were required in two additional places that had not been corrected with the earlier patch. This update uses an updated patch to fix all known issues.

After the upgrade, all applications that use libpng should be restarted. Many applications are linked to libpng, so if you are unsure of what applications to restart, you may wish to reboot the system. Mandrakesoft encourages all users to upgrade immediately.

Updated libpng packages that fix several issues are now available.

The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files.

During a source code audit, Chris Evans discovered several buffer overflows in libpng. An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to execute arbitrary code when the file was opened by a victim.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0597 to these issues.

In addition, this audit discovered a potential NULL pointer dereference in libpng (CVE-2004-0598) and several integer overflow issues (CVE-2004-0599). An attacker could create a carefully crafted PNG file in such a way that it would cause an application linked with libpng to crash when the file was opened by the victim.

Red Hat would like to thank Chris Evans for discovering these issues.

For users of Red Hat Enterprise Linux 2.1 these patches also include a more complete fix for the out of bounds memory access flaw (CVE-2002-1363).

All users are advised to update to the updated libpng packages which contain backported security patches and are not vulnerable to these issues.

Updated libpng packages are available which fix a buffer overflow vulnerability.

[Updated 06 Feb 2003] Added fixed packages for Advanced Workstation 2.1

The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format.

Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and the possibility of arbitrary code execution. This could be exploited by an attacker creating a carefully crafted PNG file which could execute arbitrary code when the victim views it.

Packages within Red Hat Linux Advanced Server, such as Mozilla, make use of the shared libpng library. All users are advised to upgrade to the errata packages, which contain libpng 1.0.14 with a backported patch that corrects this issue.

The remote host is missing the patch for the advisory SUSE-SA:2003:0004 (libpng).


The library libpng provides several functions to encode, decode and manipulate Portable Network Graphics (PNG) image files.
Due to wrong calculation of some loop offset values a buffer overflow can occur. The buffer overflow can lead to Denial-of-Service or even to remote compromise.

After updating libpng all applications that use libpng should be restarted. Due to the fact that a lot of applications are linked with libpng it may be necessary to switch to runlevel S and back to the previous runlevel or even to reboot the system.

There is no temporary fix known. Please install the new packages from our FTP servers.

Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement.
Then, install the package using the command 'rpm -Fhv file.rpm' to apply the update.

ID	Name	Product	Family	Published	Updated	Severity
24597	Mandrake Linux Security Advisory : doxygen (MDKSA-2006:212)	Nessus	Mandriva Local Security Checks	2/18/2007	1/6/2021	critical
15050	Debian DSA-213-1 : libpng - buffer overflow	Nessus	Debian Local Security Checks	9/29/2004	1/4/2021	high
12384	RHEL 2.1 : micq (RHSA-2003:119)	Nessus	Red Hat Local Security Checks	7/6/2004	1/14/2021	high
13993	Mandrake Linux Security Advisory : libpng (MDKSA-2003:008)	Nessus	Mandriva Local Security Checks	7/31/2004	1/6/2021	high
24598	Mandrake Linux Security Advisory : chromium (MDKSA-2006:213)	Nessus	Mandriva Local Security Checks	2/18/2007	1/6/2021	critical
14242	Mac OS X Multiple Vulnerabilities (Security Update 2004-08-09)	Nessus	MacOS X Local Security Checks	8/10/2004	5/28/2024	medium
12507	RHEL 3 : libpng (RHSA-2004:249)	Nessus	Red Hat Local Security Checks	7/6/2004	1/14/2021	high
14539	GLSA-200407-06 : libpng: Buffer overflow on row buffers	Nessus	Gentoo Local Security Checks	8/30/2004	1/6/2021	high
14162	Mandrake Linux Security Advisory : libpng (MDKSA-2004:063)	Nessus	Mandriva Local Security Checks	7/31/2004	1/6/2021	high
14213	RHEL 2.1 / 3 : libpng (RHSA-2004:402)	Nessus	Red Hat Local Security Checks	8/5/2004	1/14/2021	critical
12348	RHEL 2.1 : libpng (RHSA-2003:007)	Nessus	Red Hat Local Security Checks	7/6/2004	1/14/2021	high
13770	SUSE-SA:2003:0004: libpng	Nessus	SuSE Local Security Checks	7/25/2004	1/14/2021	high

Detections

Analytics

Plugins Search

critical

high

high

high

critical

medium

high

high

high

critical

high

high