漏洞信息详情
Libpng库未知类型块处理远程代码执行漏洞
- CNNVD编号:CNNVD-200804-177
- 危害等级: 高危
- CVE编号: CVE-2008-1382
- 漏洞类型: 数字错误
- 发布时间: 2008-04-14
- 威胁类型: 远程
- 更新时间: 2009-06-23
- 厂 商: libpng
- 漏洞来源: Tavis Ormandy tavi...
漏洞简介
libpng是多种应用程序所使用的解析PNG图形格式的函数库 。
libpng库在处理畸形格式的PNG文件时存在漏洞,成功利用此漏洞允许本地攻击者读取敏感信息、导致拒绝服务或执行任意指令 。
libpng库没有正确地处理未知类型的PNG块,如果使用该库的应用程序在特定情况下调用了png_set_read_user_chunk_fn()或png_set_keep_unknown_chunks()函数的话,长度为0的PNG块就会导致通过free()调用使用未初始化的内存 。
漏洞公告
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Ubuntu Ubuntu Linux 7.10 powerpc
Ubuntu libpng12-0-udeb_1.2.15~beta5-2ubuntu0.2_powerpc.udeb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0 -udeb_1.2.15~beta5-2ubuntu0.2_powerpc.udeb
Ubuntu libpng12-0_1.2.15~beta5-2ubuntu0.2_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2 .15~beta5-2ubuntu0.2_powerpc.deb
Ubuntu libpng12-dev_1.2.15~beta5-2ubuntu0.2_powerpc.deb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1 .2.15~beta5-2ubuntu0.2_powerpc.deb
Ubuntu libpng3_1.2.15~beta5-2ubuntu0.2_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1. 2.15~beta5-2ubuntu0.2_all.deb
Ubuntu Ubuntu Linux 8.10 powerpc
Ubuntu libpng12-0-udeb_1.2.27-1ubuntu0.1_powerpc.udeb
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2. 27-1ubuntu0.1_powerpc.udeb
Ubuntu libpng12-0_1.2.27-1ubuntu0.1_powerpc.deb
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubunt u0.1_powerpc.deb
Ubuntu libpng12-dev_1.2.27-1ubuntu0.1_powerpc.deb
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubu ntu0.1_powerpc.deb
Ubuntu libpng3_1.2.27-1ubuntu0.1_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1. 2.27-1ubuntu0.1_all.deb
Ubuntu Ubuntu Linux 8.10 sparc
Ubuntu libpng12-0-udeb_1.2.27-1ubuntu0.1_sparc.udeb
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2. 27-1ubuntu0.1_sparc.udeb
Ubuntu libpng12-0_1.2.27-1ubuntu0.1_sparc.deb
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubunt u0.1_sparc.deb
Ubuntu libpng12-dev_1.2.27-1ubuntu0.1_sparc.deb
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubu ntu0.1_sparc.deb
Ubuntu libpng3_1.2.27-1ubuntu0.1_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1. 2.27-1ubuntu0.1_all.deb
Ubuntu Ubuntu Linux 8.04 LTS i386
Ubuntu libpng12-0-udeb_1.2.15~beta5-3ubuntu0.1_i386.udeb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0 -udeb_1.2.15~beta5-3ubuntu0.1_i386.udeb
Ubuntu libpng12-0_1.2.15~beta5-3ubuntu0.1_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2 .15~beta5-3ubuntu0.1_i386.deb
Ubuntu libpng12-dev_1.2.15~beta5-3ubuntu0.1_i386.deb
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1 .2.15~beta5-3ubuntu0.1_i386.deb
Ubuntu libpng3_1.2.15~beta5-3ubuntu0.1_all.deb
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1. 2.15~beta5-3ubuntu0.1_all.deb
libpng libpng 1.0.10
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
libpng libpng 1.0.16
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
libpng libpng 1.0.17
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
libpng libpng 1.0.24
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
libpng libpng 1.0.9
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
libpng libpng 1.2.26
Cuyahoga libpng-1.2.27beta03.tar.bz2
http://downloads.sourceforge.net/libpng/libpng-1.2.27beta03.tar.bz2?mo dtime=1208169600&big_mirror=0
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X 10.4.11
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple SecUpd2009-002PPC.dmg
(PowerPC)
http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/downloads/DL818/SecUpd2009-002PPC.dmg
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5.2
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.5.dmg
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.7.dmg
http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/downloads/DL829/MacOSXServerUpdCombo10.5.7.dm g
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X 10.5.3
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXUpdCombo10.5.5.dmg
http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/
CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXUpdCombo10.5.7.dmg
http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/downloads
参考网址
来源:US-CERT
名称: TA09-133A
链接:http://www.us-cert.gov/cas/techalerts/TA09-133A.HTML
来源:US-CERT
名称: TA08-260A
链接:http://www.us-cert.gov/cas/techalerts/TA08-260A.HTML
来源: VUPEN
名称: ADV-2009-1560
链接:http://www.vupen.com/english/advisories/2009/1560
来源: VUPEN
名称: ADV-2009-1462
链接:http://www.vupen.com/english/advisories/2009/1462
来源: VUPEN
名称: ADV-2009-1451
链接:http://www.vupen.com/english/advisories/2009/1451
来源: VUPEN
名称: ADV-2009-1297
链接:http://www.vupen.com/english/advisories/2009/1297
来源: www.vmware.com
链接:http://www.vmware.com/security/advisories/VMSA-2009-0007.HTML
来源: BUGTRAQ
名称: 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
链接:http://www.securityfocus.com/archive/1/archive/1/503912/100/0/threaded
来源: MISC
链接:http://www.ocert.org/advisories/ocert-2008-003.HTML
来源: MANDRIVA
名称: MDVSA-2008:156
链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:156
来源: VUPEN
名称: ADV-2008-2584
链接:http://www.frsirt.com/english/advisories/2008/2584
来源: DEBIAN
名称: DSA-1750
链接:http://www.debian.org/security/2009/dsa-1750
来源: support.avaya.com
链接:http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
来源: support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com
链接:http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT3549
来源: SUNALERT
名称: 259989
链接:http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
来源: GENTOO
名称: GLSA-200812-15
链接:http://security.gentoo.org/glsa/glsa-200812-15.xml
来源: GENTOO
名称: GLSA-200805-10
链接:http://security.gentoo.org/glsa/glsa-200805-10.xml
来源: SECUNIA
名称: 35386
链接:http://secunia.com/advisories/35386
来源: SECUNIA
名称: 35302
链接:http://secunia.com/advisories/35302
来源: SECUNIA
名称: 35258
链接:http://secunia.com/advisories/35258
来源: SECUNIA
名称: 35074
链接:http://secunia.com/advisories/35074
来源: SECUNIA
名称: 34388
链接:http://secunia.com/advisories/34388
来源: SECUNIA
名称: 33137
链接:http://secunia.com/advisories/33137
来源: SECUNIA
名称: 31882
链接:http://secunia.com/advisories/31882
来源: SECUNIA
名称: 30174
链接:http://secunia.com/advisories/30174
来源: SECUNIA
名称: 30157
链接:http://secunia.com/advisories/30157
来源: SECUNIA
名称: 29792
链接:http://secunia.com/advisories/29792
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2009-05-12
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2009/May/msg00002.HTML
来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple
名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2008-09-15
链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce//2008/Sep/msg00005.HTML
来源: libpng.sourceforge.net
链接:http://libpng.sourceforge.net/Advisory-1.2.26.txt
来源: FEDORA
名称: FEDORA-2008-3937
链接:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00960.HTML
来源: FEDORA
名称: FEDORA-2008-3979
链接:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00951.HTML
来源: FEDORA
名称: FEDORA-2008-3683
链接:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00721.HTML
来源: FEDORA
名称: FEDORA-2008-4947
链接:https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00111.HTML
来源: FEDORA
名称: FEDORA-2008-4910
链接:https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00080.HTML
来源: FEDORA
名称: FEDORA-2008-4847
链接:https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00033.HTML
来源: XF
名称: libpng-zero-length-code-execution(41800)
链接:http://xforce.iss.net/xforce/xfdb/41800
来源: SECTRACK
名称: 1019840
链接:http://www.securitytracker.com/id?1019840
来源: BID
名称: 28770
链接:http://www.securityfocus.com/bid/28770
来源: BUGTRAQ
名称: 20080429 rPSA-2008-0151-1 libpng
链接:http://www.securityfocus.com/archive/1/archive/1/491424/100/0/threaded
来源: BUGTRAQ
名称: 20080414 [oCERT-2008-003] libpng zero-length chunks incorrect handling
链接:http://www.securityfocus.com/archive/1/archive/1/490823/100/0/threaded
来源: OSVDB
名称: 44364
链接:http://www.osvdb.org/44364
来源: VUPEN
名称: ADV-2008-1225
链接:http://www.frsirt.com/english/advisories/2008/1225/references
来源: wiki.rpath.com
链接:http://wiki.rpath.com/wiki/Advisories:rPSA-2008
受影响实体
- Libpng Libpng:1.4:Beta9
- Libpng Libpng:1.4:Beta3
- Libpng Libpng:1.4:Beta2
- Libpng Libpng:1.4:Beta19
- Libpng Libpng:1.4:Beta18
补丁
暂无
评论