Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1363

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1363
Last Modified 10 Sep 2008 03:14:24
Published 26 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1363

Summary

Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buffers.

Vulnerable Systems

Application

  • Greg Roelofs Libpng 1.0.11

  • Greg Roelofs Libpng 1.0.12

  • Greg Roelofs Libpng 1.0.13

  • Greg Roelofs Libpng 1.0.14

  • Greg Roelofs Libpng 1.0.5

  • Greg Roelofs Libpng 1.0.6

  • Greg Roelofs Libpng 1.0.7

  • Greg Roelofs Libpng 1.0.8

  • Greg Roelofs Libpng 1.0.9

  • Greg Roelofs Libpng 1.2.0

  • Greg Roelofs Libpng 1.2.1

  • Greg Roelofs Libpng 1.2.2

  • Greg Roelofs Libpng 1.2.3

  • Greg Roelofs Libpng 1.2.4


References

DEBIAN - DSA-213

XF - libpng-file-offset-bo(10925)

FEDORA - FLSA:1943

BID - 6431

REDHAT - RHSA-2004:402

REDHAT - RHSA-2004:249

REDHAT - RHSA-2003:157

REDHAT - RHSA-2003:119

REDHAT - RHSA-2003:007

REDHAT - RHSA-2003:006

SUSE - SUSE-SA:2003:0004

MANDRAKE - MDKSA-2004:063

MANDRAKE - MDKSA-2003:008


Last Updated: 27 May 2016 10:37:18