vulnerability 11340

libpng: memory corruption via PNG

Synthesis of the vulnerability

An attacker can invite the victim to open a malicious PNG image with an application linked to libpng, in order to create an overflow of one byte, which stops the application, and could lead to code execution.

Severity: 2/4. Creation date: 02/02/2012.

Impacted products

• Unix - plateform

Description of the vulnerability

The libpng library processes PNG images. It is used by several applications. When an image is malformed, the png_formatted_warning() function of the pngerror.c file generates a warning message. However, if this message is too long, it is not correctly truncated, and an overflow of one byte occurs. An attacker can therefore invite the victim to open a malicious PNG image with an application linked to libpng, in order to create an overflow of one byte, which stops the application, and could lead to code execution.

Share this bulletin

Complete Vigil@nce bulletin

libpng: memory corruption via PNG

Characteristics

Title: libpng: memory corruption via PNG. Keywords: PNG corruption libpng memory png_formatted_warning. Identifiers: BID-51823, VIGILANCE-VUL-11340.

Information sources

Publications and announces Source example: Vulnerability Warning

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides a systems vulnerabilities patch. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.