1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2010-10833

[FEDORA-2010-10833] Fedora 12: libpng10

Severity Critical
Affected Packages 1
CVEs 3
Info Packages References Vulnerabilities

This update addresses two security issues: * CVE-2010-1205, in which a buffer
overflow might allow remote attackers to execute arbitrary code via a PNG image
that triggers an additional data row. * CVE-2010-2249, in which a memory leak
allows remote attackers to cause a denial of service (memory consumption and
application crash) via a PNG image containing malformed Physical Scale (aka
sCAL) chunks.

Package Affected Version
pkg:rpm/fedora/libpng10?distro=fedora-12 < 1.0.54.1.fc12
ID
FEDORA-2010-10833
Severity
critical
Severity from
CVE-2010-1205
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2010-10833
Published
2010-07-20T22:45:56
(14 years ago)
Modified
2010-07-20T22:45:56
(14 years ago)
Rights
Copyright 2010 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 608238 Bug #608238 - CVE-2010-1205 libpng: out-of-bounds memory write https://bugzilla.redhat.com/show_bug.cgi?id=608238
Bugzilla 608644 Bug #608644 - CVE-2010-2249 libpng: Memory leak when processing Physical Scale (sCAL) images https://bugzilla.redhat.com/show_bug.cgi?id=608644
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/libpng10?distro=fedora-12 fedora libpng10 < 1.0.54.1.fc12 fedora-12
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date