libpng `png_decompress_chunk()´ Integer Overflow Vulnerability

Last Update Date: 22 May 2012 Release Date: 17 Feb 2012 4687 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Graphics & Design

TYPE: Graphics & Design

A vulnerability has been identified in libpng, which can be exploited by malicious people to potentially compromise an application using the library.

The vulnerability is caused due to an integer overflow error within the "png_decompress_chunk()" function (pngrutil.c) when uncompressing certain chunks, which can be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code but requires tricking the user into opening a specially crafted PNG file.

Impact

  • Remote Code Execution

System / Technologies affected

  • libpng 1.x

Solutions

  • Do not open PNG files from untrusted sources.

Vulnerability Identifier

Source

Related Link

Share with

Previous

OpenSSL `asn1_d2i_read_bio()´ DER Format Data Processing Vulnerability

20 Apr 2012 4629 Views

Next

PHP `php_register_variable_ex()´ Code Execution Vulnerability

6 Feb 2012 4341 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY