|
|
|
Vulnerability Note VU#649212
libpng fails to properly initialize element pointers
OverviewLibpng contains a vulnerability in the way element pointers are handled.
I. DescriptionA vulnerability in the way libpng handles element pointers may result in uninitialized element pointers. This vulnerability is due to an off-by-one error introduced in multiple functions in libpng-0.89c. According to the PNG Development Group:
If the application runs out of memory during the loop, some of the element pointers will be uninitialized. Libpng will then longjmp to a cleanup process that attempts to free all of the elements in the array, including the uninitialized ones. This behavior could be forced by a malevolent input.
Note that this issue affects all versions of libpng prior to libpng-1.0.43 and libpng-1.2.35.
II. ImpactThis vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
III. SolutionUpgrade
The PNG Development Group has issued an upgrade to address this issue. See libpng version 1.2.35 for more information.
Systems Affected
| Vendor | Status | Date Updated |
|---|
| 3com, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| ACCESS | Unknown | 2009-03-05 | 2009-03-05 |
| Alcatel-Lucent | Unknown | 2009-03-05 | 2009-03-05 |
| Apple Computer, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| AT&T | Unknown | 2009-03-05 | 2009-03-05 |
| Avaya, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Barracuda Networks | Unknown | 2009-03-05 | 2009-03-05 |
| Belkin, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Borderware Technologies | Unknown | 2009-03-05 | 2009-03-05 |
| Bro | Unknown | 2009-03-05 | 2009-03-05 |
| Charlotte's Web Networks | Unknown | 2009-03-05 | 2009-03-05 |
| Check Point Software Technologies | Unknown | 2009-03-05 | 2009-03-05 |
| Cisco Systems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Clavister | Unknown | 2009-03-05 | 2009-03-05 |
| Computer Associates | Unknown | 2009-03-05 | 2009-03-05 |
| Computer Associates eTrust Security Management | Unknown | 2009-03-05 | 2009-03-05 |
| Conectiva Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Cray Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| D-Link Systems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Debian GNU/Linux | Unknown | 2009-03-05 | 2009-03-05 |
| DragonFly BSD Project | Unknown | 2009-03-05 | 2009-03-05 |
| EMC Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| Engarde Secure Linux | Unknown | 2009-03-05 | 2009-03-05 |
| Enterasys Networks | Unknown | 2009-03-05 | 2009-03-05 |
| Ericsson | Unknown | 2009-03-05 | 2009-03-05 |
| eSoft, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Extreme Networks | Unknown | 2009-03-05 | 2009-03-05 |
| F5 Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Fedora Project | Unknown | 2009-03-05 | 2009-03-05 |
| Force10 Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Fortinet, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Foundry Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| FreeBSD, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Fujitsu | Unknown | 2009-03-05 | 2009-03-05 |
| Gentoo Linux | Unknown | 2009-03-05 | 2009-03-05 |
| Global Technology Associates | Unknown | 2009-03-05 | 2009-03-05 |
| Hewlett-Packard Company | Unknown | 2009-03-05 | 2009-03-05 |
| Hitachi | Unknown | 2009-03-05 | 2009-03-05 |
| IBM Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| IBM Corporation (zseries) | Unknown | 2009-03-05 | 2009-03-05 |
| IBM eServer | Unknown | 2009-03-05 | 2009-03-05 |
| Ingrian Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Intel Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| Internet Security Systems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Intoto | Unknown | 2009-03-05 | 2009-03-05 |
| IP Filter | Unknown | 2009-03-05 | 2009-03-05 |
| Juniper Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| libpng | Vulnerable | | 2009-03-02 |
| Luminous Networks | Unknown | 2009-03-05 | 2009-03-05 |
| m0n0wall | Unknown | 2009-03-05 | 2009-03-05 |
| Mandriva S. A. | Unknown | 2009-03-05 | 2009-03-05 |
| McAfee | Unknown | 2009-03-05 | 2009-03-05 |
| Microsoft Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| MontaVista Software, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Multitech, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| NEC Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| NetApp | Unknown | 2009-03-05 | 2009-03-05 |
| NetBSD | Unknown | 2009-03-05 | 2009-03-05 |
| netfilter | Unknown | 2009-03-05 | 2009-03-05 |
| Nokia | Unknown | 2009-03-05 | 2009-03-05 |
| Nortel Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Novell, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| OpenBSD | Unknown | 2009-03-05 | 2009-03-05 |
| Openwall GNU/*/Linux | Unknown | 2009-03-05 | 2009-03-05 |
| PePLink | Unknown | 2009-03-05 | 2009-03-05 |
| Process Software | Unknown | 2009-03-05 | 2009-03-05 |
| Q1 Labs | Unknown | 2009-03-05 | 2009-03-05 |
| QNX, Software Systems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Quagga | Unknown | 2009-03-05 | 2009-03-05 |
| RadWare, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Red Hat, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Redback Networks, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Secureworx, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Silicon Graphics, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Slackware Linux Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| SmoothWall | Unknown | 2009-03-05 | 2009-03-05 |
| Snort | Unknown | 2009-03-05 | 2009-03-05 |
| Soapstone Networks | Unknown | 2009-03-05 | 2009-03-05 |
| Sony Corporation | Unknown | 2009-03-05 | 2009-03-05 |
| Sourcefire | Unknown | 2009-03-05 | 2009-03-05 |
| Stonesoft | Unknown | 2009-03-05 | 2009-03-05 |
| Sun Microsystems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| SUSE Linux | Unknown | 2009-03-05 | 2009-03-05 |
| Symantec, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| The SCO Group | Unknown | 2009-03-05 | 2009-03-05 |
| TippingPoint, Technologies, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Turbolinux | Unknown | 2009-03-05 | 2009-03-05 |
| U4EA Technologies, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Ubuntu | Unknown | 2009-03-05 | 2009-03-05 |
| Unisys | Unknown | 2009-03-05 | 2009-03-05 |
| Vyatta | Unknown | 2009-03-05 | 2009-03-05 |
| Watchguard Technologies, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| Wind River Systems, Inc. | Unknown | 2009-03-05 | 2009-03-05 |
| ZyXEL | Unknown | 2009-03-05 | 2009-03-05 |
References
http://secunia.com/advisories/33970/3/
Credit
This issue was reported by the PNG Development Group in libpng version 1.2.35.
This document was written by Chris Taschner.
Other Information
| Date Public | 02/19/2009 |
| Date First Published | 03/02/2009 03:16:45 PM |
| Date Last Updated | 03/06/2009 |
| CERT Advisory | |
| CVE Name | CVE-2009-0040 |
| Metric | 3.49 |
| Document Revision | 11 |
If you have feedback, comments, or additional information about this vulnerability, please send us
email.
|
 |
