Apple Computer, Inc. Information for VU#236656

libpng png_handle_iCCP() NULL pointer dereference

Status

Affected

Vendor Statement

APPLE-SA-2004-09-09 Mac OS X 10.3.5

Mac OS X 10.3.5 is now available and delivers security enhancements
for the following components:

Component: libpng (Portable Network Graphics)
CVE-IDs: CAN-2002-1363, CAN-2004-0421, CAN-2004-0597,
CAN-2004-0598, CAN-2004-0599
Impact: Malicious png images can cause application crashes and could
execute arbitrary code

Description: A number of buffer overflows, null pointer dereferences
and integer overflows have been discovered in the reference library
for reading and writing PNG images. These vulnerabilities have been
corrected in libpng which is used by the CoreGraphics and AppKit
frameworks in Mac OS X. After installing this update, applications
that use the PNG image format via these frameworks will be protected
against these flaws.

Note: The libpng security fixes are also available separately for Mac
OS X 10.3.4 and Mac OS X 10.2.8 via Security Update 2004-08-09.

Mac OS X 10.3.5 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:
http://www.apple.com/support/downloads/

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.