Security

« Sun Alert 245806 A... | Main | Sun Security Toolkit... »

28 May 2009 Sun Alert 259989 Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation
posted by chandan in Alerts

Product: Solaris 8 Operating System Solaris 9 Operating System Solaris 10 Operating System OpenSolaris Operating system

Multiple security vulnerabilities in libpng(3), which is shipped with
Solaris, may allow a local or remote unprivileged user to cause a
denial of service (DoS) of applications linked to libpng(3), or
potentially to execute arbitrary code with the privileges of the user
running the application, when a user has loaded a specially crafted
Portable Network Graphics (PNG) format image file (.png) supplied by
an untrusted user.

These issues are also referenced in the following documents:

CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5267
CVE-2008-3964 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3964
CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5266
CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5268
CVE-2007-5269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5269
CVE-2008-1382 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
CERT VU#649212 http://www.kb.cert.org/vuls/id/649212

State: Workaround

First released: 28-May-2009

Sun Alert Link: http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1

Permalink |

Comments: