ID CVE-2006-3334
Summary Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". Upgrade to 1.2.12
References
Vulnerable Configurations
  • cpe:2.3:a:greg_roelofs:libpng:1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.7rc1:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.7rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:1.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:1.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:greg_roelofs:libpng:*:*:*:*:*:*:*:*
    cpe:2.3:a:greg_roelofs:libpng:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-10-2018 - 16:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
apple APPLE-SA-2008-03-18
bid 18698
bugtraq 20060719 rPSA-2006-0133-1 libpng
confirm
gentoo
  • GLSA-200607-06
  • GLSA-200812-15
mandriva
  • MDKSA-2006:209
  • MDKSA-2006:210
  • MDKSA-2006:211
  • MDKSA-2006:212
  • MDKSA-2006:213
secunia
  • 20960
  • 22956
  • 22957
  • 22958
  • 23335
  • 29420
  • 33137
suse
  • SUSE-SR:2006:016
  • SUSE-SR:2006:028
vupen
  • ADV-2006-2585
  • ADV-2008-0924
xf libpng-pngdecompresschunk-bo(27468)
statements via4
contributor Mark J Cox
lastmodified 2007-05-14
organization Red Hat
statement On Red Hat Enterprise Linux 2.1, 3, 4, and 5 this is a two-byte overflow into the middle of the stack and is not exploitable.
Last major update 18-10-2018 - 16:46
Published 30-06-2006 - 23:05
Last modified 18-10-2018 - 16:46
Back to Top