BID:52049

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

Info

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

Bugtraq ID:	52049
Class:	Boundary Condition Error
CVE:	CVE-2011-3026
Remote:	Yes
Local:	No
Published:	Feb 15 2012 12:00AM
Updated:	Apr 13 2015 09:51PM
Credit:	Jueri Aedla
Vulnerable:	Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubuntu Ubuntu Linux 8.04 LTS amd64 Ubuntu Ubuntu Linux 11.10 i386 Ubuntu Ubuntu Linux 11.10 amd64 Ubuntu Ubuntu Linux 11.04 powerpc Ubuntu Ubuntu Linux 11.04 i386 Ubuntu Ubuntu Linux 11.04 ARM Ubuntu Ubuntu Linux 11.04 amd64 Ubuntu Ubuntu Linux 10.10 powerpc Ubuntu Ubuntu Linux 10.10 i386 Ubuntu Ubuntu Linux 10.10 ARM Ubuntu Ubuntu Linux 10.10 amd64 Ubuntu Ubuntu Linux 10.04 sparc Ubuntu Ubuntu Linux 10.04 powerpc Ubuntu Ubuntu Linux 10.04 i386 Ubuntu Ubuntu Linux 10.04 ARM Ubuntu Ubuntu Linux 10.04 amd64 SuSE SUSE Linux Enterprise Software Development Kit 11 SP1 for SP2 SuSE SUSE Linux Enterprise Server for VMware 11 SP1 SuSE SUSE Linux Enterprise Server 11 SP1 for SP2 SuSE SUSE Linux Enterprise Server 11 SP1 SuSE SUSE Linux Enterprise Server 10 SP4 SuSE SUSE Linux Enterprise SDK 11 SP1 SuSE SUSE Linux Enterprise SDK 10 SP4 SuSE Suse Linux Enterprise Desktop 11 SP1 for SP2 SuSE Suse Linux Enterprise Desktop 11 SP1 SuSE Suse Linux Enterprise Desktop 10 SP4 Sun Solaris 11 Sun Solaris 10 SRWare Iron 15.0.900.1 SRWare Iron 15 SRWare Iron 13.0.800.0 SRWare Iron 13.0 SRWare Iron 11.0.700.3 SRWare Iron 11.0.700.2 SRWare Iron 11.0.700.1 SRWare Iron 11.0.700.0 S.u.S.E. openSUSE 11.4 Redhat Enterprise Linux WS 4 Redhat Enterprise Linux Workstation Optional 6 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 6 Redhat Enterprise Linux Server 6 Redhat Enterprise Linux HPC Node Optional 6 Redhat Enterprise Linux HPC Node 6 Redhat Enterprise Linux ES 4 Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop Optional 6 Redhat Enterprise Linux Desktop 6 Redhat Enterprise Linux Desktop 5 client Redhat Enterprise Linux AS 4 Redhat Enterprise Linux Desktop version 4 Redhat Enterprise Linux 5 Server Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 Oracle Enterprise Linux 4 Mozilla Thunderbird 3.1.14 Mozilla Thunderbird 3.1.13 Mozilla Thunderbird 3.1.12 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.5 Mozilla Thunderbird 3.1.4 Mozilla Thunderbird 3.0.11 Mozilla Thunderbird 3.0.9 Mozilla Thunderbird 3.0.9 Mozilla Thunderbird 3.0.8 Mozilla Thunderbird 3.0.5 Mozilla Thunderbird 3.0.4 Mozilla Thunderbird 3.0.2 Mozilla Thunderbird 3.0.1 Mozilla Thunderbird 2.0 24 Mozilla Thunderbird 2.0 .9 Mozilla Thunderbird 2.0 .8 Mozilla Thunderbird 2.0 .6 Mozilla Thunderbird 2.0 .5 Mozilla Thunderbird 2.0 .4 Mozilla Thunderbird 2.0 .19 Mozilla Thunderbird 2.0 .17 Mozilla Thunderbird 2.0 .16 Mozilla Thunderbird 2.0 .15 Mozilla Thunderbird 2.0 .14 Mozilla Thunderbird 2.0 .13 Mozilla Thunderbird 2.0 .12 Mozilla Thunderbird 9.0 Mozilla Thunderbird 8.0 Mozilla Thunderbird 7.0.1 Mozilla Thunderbird 7.0 Mozilla Thunderbird 6.0.2 Mozilla Thunderbird 6.0.1 Mozilla Thunderbird 6.0 Mozilla Thunderbird 6 Mozilla Thunderbird 6 Mozilla Thunderbird 5.0 Mozilla Thunderbird 5 Mozilla Thunderbird 3.3 Mozilla Thunderbird 3.3 Mozilla Thunderbird 3.1.9 Mozilla Thunderbird 3.1.8 Mozilla Thunderbird 3.1.7 Mozilla Thunderbird 3.1.6 Mozilla Thunderbird 3.1.3 Mozilla Thunderbird 3.1.2 Mozilla Thunderbird 3.1.18 Mozilla Thunderbird 3.1.18 Mozilla Thunderbird 3.1.17 Mozilla Thunderbird 3.1.16 Mozilla Thunderbird 3.1.15 Mozilla Thunderbird 3.1.11 Mozilla Thunderbird 3.1.10 Mozilla Thunderbird 3.1.1 Mozilla Thunderbird 3.1 Mozilla Thunderbird 3.0.7 Mozilla Thunderbird 3.0.6 Mozilla Thunderbird 3.0.4 Mozilla Thunderbird 3.0.3 Mozilla Thunderbird 3.0.11 Mozilla Thunderbird 3.0.10 Mozilla Thunderbird 3.0 Mozilla Thunderbird 2.1 Mozilla Thunderbird 2.0.0.23 Mozilla Thunderbird 2.0.0.22 Mozilla Thunderbird 2.0.0.21 Mozilla Thunderbird 2.0.0.20 Mozilla Thunderbird 2.0.0.18 Mozilla Thunderbird 2.0.0.11 Mozilla Thunderbird 10.0.1 Mozilla Thunderbird 10.0 Mozilla Thunderbird 10.0 Mozilla SeaMonkey 2.0.11 Mozilla SeaMonkey 2.0.9 Mozilla SeaMonkey 2.0.8 Mozilla SeaMonkey 2.0.5 Mozilla SeaMonkey 2.0.4 Mozilla SeaMonkey 2.0.3 Mozilla SeaMonkey 2.0.2 Mozilla SeaMonkey 2.0.1 Mozilla SeaMonkey 2.7.1 Mozilla SeaMonkey 2.7 Mozilla SeaMonkey 2.6 Mozilla SeaMonkey 2.5 Mozilla SeaMonkey 2.4 Mozilla SeaMonkey 2.3 Mozilla SeaMonkey 2.2 Mozilla SeaMonkey 2.1b2 Mozilla SeaMonkey 2.1 Alpha3 Mozilla SeaMonkey 2.1 Alpha2 Mozilla SeaMonkey 2.1 Alpha1 Mozilla SeaMonkey 2.1 Mozilla SeaMonkey 2.0.9 Mozilla SeaMonkey 2.0.7 Mozilla SeaMonkey 2.0.6 Mozilla SeaMonkey 2.0.5 Mozilla SeaMonkey 2.0.4 Mozilla SeaMonkey 2.0.14 Mozilla SeaMonkey 2.0.13 Mozilla SeaMonkey 2.0.12 Mozilla SeaMonkey 2.0.10 Mozilla SeaMonkey 2.0 Rc2 Mozilla SeaMonkey 2.0 Rc1 Mozilla SeaMonkey 2.0 Beta 2 Mozilla SeaMonkey 2.0 Beta 1 Mozilla SeaMonkey 2.0 Alpha 3 Mozilla SeaMonkey 2.0 Alpha 2 Mozilla SeaMonkey 2.0 Alpha 1 Mozilla SeaMonkey 2.0 Mozilla Firefox ESR 10.0.2 Mozilla Firefox 9.0.1 Mozilla Firefox 3.6.22 Mozilla Firefox 3.6.13 Mozilla Firefox 3.6.10 Mozilla Firefox 3.6.9 Mozilla Firefox 3.6.8 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.4 Mozilla Firefox 3.6.3 Mozilla Firefox 3.6.2 Mozilla Firefox 3.5.17 Mozilla Firefox 3.5.16 Mozilla Firefox 3.5.14 Mozilla Firefox 3.5.13 Mozilla Firefox 3.5.10 Mozilla Firefox 3.5.9 Mozilla Firefox 3.5.8 Mozilla Firefox 3.5.7 Mozilla Firefox 3.5.6 Mozilla Firefox 3.5.5 Mozilla Firefox 3.5.4 Mozilla Firefox 3.5.3 Mozilla Firefox 3.5.2 Mozilla Firefox 3.5.1 Mozilla Firefox 3.5 Mozilla Firefox 3.0.18 Mozilla Firefox 3.0.17 Mozilla Firefox 3.0.16 Mozilla Firefox 3.0.15 Mozilla Firefox 3.0.14 Mozilla Firefox 3.0.13 Mozilla Firefox 3.0.12 Mozilla Firefox 3.0.11 Mozilla Firefox 3.0.10 Mozilla Firefox 3.0.9 Mozilla Firefox 3.0.8 Mozilla Firefox 3.0.7 Beta Mozilla Firefox 3.0.7 Mozilla Firefox 3.0.6 Mozilla Firefox 3.0.5 Mozilla Firefox 3.0.4 Mozilla Firefox 3.0.3 Mozilla Firefox 3.0.2 Mozilla Firefox 3.0.1 Mozilla Firefox 2.0 20 Mozilla Firefox 2.0 .9 Mozilla Firefox 2.0 .8 Mozilla Firefox 2.0 .7 Mozilla Firefox 2.0 .6 Mozilla Firefox 2.0 .5 Mozilla Firefox 2.0 .4 Mozilla Firefox 2.0 .3 Mozilla Firefox 2.0 .19 Mozilla Firefox 2.0 .17 Mozilla Firefox 2.0 .16 Mozilla Firefox 2.0 .10 Mozilla Firefox 2.0 .1 Mozilla Firefox 9.0 Mozilla Firefox 8.0.1 Mozilla Firefox 8.0 Mozilla Firefox 7.0.1 Mozilla Firefox 7.0 Mozilla Firefox 7 Mozilla Firefox 6.0.2 Mozilla Firefox 6.0.1 Mozilla Firefox 6.0 Mozilla Firefox 6 Mozilla Firefox 5.0.1 Mozilla Firefox 5.0 Mozilla Firefox 4.0.1 Mozilla Firefox 4.0 Beta9 Mozilla Firefox 4.0 Beta8 Mozilla Firefox 4.0 Beta7 Mozilla Firefox 4.0 Beta6 Mozilla Firefox 4.0 Beta5 Mozilla Firefox 4.0 Beta4 Mozilla Firefox 4.0 Beta3 Mozilla Firefox 4.0 Beta12 Mozilla Firefox 4.0 Beta11 Mozilla Firefox 4.0 Beta10 Mozilla Firefox 4.0 Beta1 Mozilla Firefox 4.0 Mozilla Firefox 3.6.7 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.26 Mozilla Firefox 3.6.25 Mozilla Firefox 3.6.24 Mozilla Firefox 3.6.23 Mozilla Firefox 3.6.21 Mozilla Firefox 3.6.20 Mozilla Firefox 3.6.19 Mozilla Firefox 3.6.18 Mozilla Firefox 3.6.17 Mozilla Firefox 3.6.16 Mozilla Firefox 3.6.15 Mozilla Firefox 3.6.14 Mozilla Firefox 3.6.12 Mozilla Firefox 3.6.11 Mozilla Firefox 3.6 Beta 3 Mozilla Firefox 3.6 Beta 2 Mozilla Firefox 3.6 Mozilla Firefox 3.5.19 Mozilla Firefox 3.5.18 Mozilla Firefox 3.5.17 Mozilla Firefox 3.5.15 Mozilla Firefox 3.5.12 Mozilla Firefox 3.5.11 Mozilla Firefox 3.1 Beta 3 Mozilla Firefox 3.1 Beta 2 Mozilla Firefox 3.1 Beta 1 Mozilla Firefox 3.0.19 Mozilla Firefox 3.0 Beta 5 Mozilla Firefox 3.0 Mozilla Firefox 2.0.0.2 Mozilla Firefox 2.0.0.19 Mozilla Firefox 2.0.0.18 Mozilla Firefox 2.0.0.15 Mozilla Firefox 2.0.0.14 Mozilla Firefox 2.0.0.13 Mozilla Firefox 2.0.0.12 Mozilla Firefox 2.0.0.11 Mozilla Firefox 2.0 RC3 Mozilla Firefox 2.0 RC2 Mozilla Firefox 2.0 beta 1 Mozilla Firefox 2.0 Mozilla Firefox 10.0.2 Mozilla Firefox 10.0.1 Mozilla Firefox 10.0 Moonchild Productions Pale Moon 3.6.27 Moonchild Productions Pale Moon 3.6.26 Moonchild Productions Pale Moon 9.1 Moonchild Productions Pale Moon 3.6.29 Mandriva Linux Mandrake 2011 x86_64 Mandriva Linux Mandrake 2011 Mandriva Linux Mandrake 2010.1 x86_64 Mandriva Linux Mandrake 2010.1 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 libpng libpng 1.5.5 libpng libpng 1.5.4 libpng libpng 1.5 libpng libpng 1.4.8 libpng libpng 1.4.3 libpng libpng 1.4.2 libpng libpng 1.4.1 libpng libpng 1.4 beta19 libpng libpng 1.4 beta01 libpng libpng 1.4 libpng libpng 1.2.45 libpng libpng 1.2.44 libpng libpng 1.2.43 libpng libpng 1.2.42 libpng libpng 1.2.37 libpng libpng 1.2.36 libpng libpng 1.2.35 libpng libpng 1.2.34 libpng libpng 1.2.27 beta01 libpng libpng 1.2.27 libpng libpng 1.2.26 libpng libpng 1.2.23 libpng libpng 1.2.22 rc1 libpng libpng 1.2.21 libpng libpng 1.2.20 libpng libpng 1.2.19 libpng libpng 1.2.8 libpng libpng 1.5.8 libpng libpng 1.5.7 libpng libpng 1.5.6 libpng libpng 1.5.1 beta 01 libpng libpng 1.5 libpng libpng 1.4 IBM Storwize V7000 Unified 1.3.2 0 IBM Storwize V7000 Unified 1.3.1.0 IBM Storwize V7000 Unified 1.3.0.5 IBM Storwize V7000 Unified 1.3.0.0 IBM Lotus Notes 8.5.3 Fix Pack 3 IBM Lotus Notes 8.5.3 Fix Pack 2 IBM Lotus Notes 8.5.3 IBM Lotus Notes 8.5.2 IBM Lotus Notes 8.5.1 IBM Lotus Notes 8.5.2 FP2 IBM Lotus Notes 8.5.1.3 IBM Lotus Notes 8.5.1.2 IBM Lotus Notes 8.5.1 FP5 IBM Informix Genero 2.40 IBM Cognos Business Intelligence 10.1.1 IBM Cognos Business Intelligence 8.4.1 IBM Cognos Business Intelligence 10.2 IBM Cognos Business Intelligence 10.1 Google Chrome 16.0.912 75 Google Chrome 15.0.874 102 Google Chrome 9.0.597.94 Google Chrome 9.0.597.84 Google Chrome 9.0.597.107 Google Chrome 8.0.552.344 Google Chrome 8.0.552.310 Google Chrome 8.0.552.309 Google Chrome 8.0.552.308 Google Chrome 8.0.552.307 Google Chrome 8.0.552.306 Google Chrome 8.0.552.305 Google Chrome 8.0.552.304 Google Chrome 8.0.552.303 Google Chrome 8.0.552.302 Google Chrome 8.0.552.301 Google Chrome 8.0.552.300 Google Chrome 8.0.552.237 Google Chrome 8.0.552.226 Google Chrome 8.0.552.225 Google Chrome 8.0.552.224 Google Chrome 8.0.552.223 Google Chrome 8.0.552.222 Google Chrome 8.0.552.221 Google Chrome 8.0.552.220 Google Chrome 8.0.552.219 Google Chrome 8.0.552.218 Google Chrome 8.0.552.217 Google Chrome 8.0.552.216 Google Chrome 8.0.552.215 Google Chrome 8.0.552.214 Google Chrome 8.0.552.213 Google Chrome 8.0.552.212 Google Chrome 8.0.552.211 Google Chrome 8.0.552.210 Google Chrome 8.0.552.21 Google Chrome 8.0.552.209 Google Chrome 8.0.552.208 Google Chrome 8.0.552.207 Google Chrome 8.0.552.206 Google Chrome 8.0.552.205 Google Chrome 8.0.552.204 Google Chrome 8.0.552.203 Google Chrome 8.0.552.202 Google Chrome 8.0.552.201 Google Chrome 8.0.552.200 Google Chrome 8.0.552.20 Google Chrome 8.0.552.2 Google Chrome 8.0.552.19 Google Chrome 8.0.552.18 Google Chrome 8.0.552.17 Google Chrome 8.0.552.16 Google Chrome 8.0.552.15 Google Chrome 8.0.552.14 Google Chrome 8.0.552.13 Google Chrome 8.0.552.12 Google Chrome 8.0.552.11 Google Chrome 8.0.552.105 Google Chrome 8.0.552.104 Google Chrome 8.0.552.103 Google Chrome 8.0.552.102 Google Chrome 8.0.552.101 Google Chrome 8.0.552.100 Google Chrome 8.0.552.10 Google Chrome 8.0.552.1 Google Chrome 8.0.552.0 Google Chrome 8.0.551.1 Google Chrome 8.0.551.0 Google Chrome 8.0.550.0 Google Chrome 8.0.549.0 Google Chrome 17.0.963.46 Google Chrome 16.0.912.77 Google Chrome 16.0.912.75 Google Chrome 16.0.912.63 Google Chrome 16 Google Chrome 15.0.874.121 Google Chrome 15.0.874.120 Google Chrome 14.0.835.202 Google Chrome 14.0.835.186 Google Chrome 14.0.835.163 Google Chrome 14 Google Chrome 13.0.782.215 Google Chrome 13.0.782.112 Google Chrome 13.0.782.107 Google Chrome 13 Google Chrome 12.0.742.91 Google Chrome 12.0.742.112 Google Chrome 12.0.742.100 Google Chrome 12 Google Chrome 11.0.696.77 Google Chrome 11.0.696.71 Google Chrome 11.0.696.68 Google Chrome 11.0.696.65 Google Chrome 11.0.696.57 Google Chrome 11.0.696.43 Google Chrome 11.0.672.2 Google Chrome 11 Google Chrome 10.0.648.205 Google Chrome 10.0.648.205 Google Chrome 10.0.648.204 Google Chrome 10.0.648.133 Google Chrome 10.0.648.128 Google Chrome 10.0.648.127 Google Chrome 10.0.648.127 Google Chrome 10 Gentoo Linux Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 Avaya Voice Portal 5.1.2 Avaya Voice Portal 5.1.1 Avaya Voice Portal 5.1 SP3 Avaya Voice Portal 5.1 SP2 Avaya Voice Portal 5.1 SP1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP2 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya Proactive Contact 4.1.2 Avaya Proactive Contact 4.1.1 Avaya Proactive Contact 5.0 Avaya Proactive Contact 4.2.2 Avaya Proactive Contact 4.2.1 Avaya Proactive Contact 4.2 Avaya Proactive Contact 4.1 Avaya Proactive Contact 4.0.1 Avaya Proactive Contact 4.0 Avaya Messaging Storage Server 5.2.8 Avaya Messaging Storage Server 5.2.2 Avaya Messaging Storage Server 5.2 SP9 Avaya Messaging Storage Server 5.2 SP8 Avaya Messaging Storage Server 5.2 SP3 Avaya Messaging Storage Server 5.2 SP2 Avaya Messaging Storage Server 5.2 SP1 Avaya Messaging Storage Server 5.2 Avaya Messaging Storage Server 5.1 SP2 Avaya Messaging Storage Server 5.1 SP1 Avaya Messaging Storage Server 5.1 Avaya Messaging Storage Server 5.0 Avaya Message Networking 5.2.1 Avaya Message Networking 5.2.4 Avaya Message Networking 5.2.3 Avaya Message Networking 5.2.2 Avaya Message Networking 5.2 SP4 Avaya Message Networking 5.2 SP3 Avaya Message Networking 5.2 SP1 Avaya Message Networking 5.2 Avaya IQ 4.1 Avaya IQ 5.2 Avaya IQ 5.1.1 Avaya IQ 5.1 Avaya IQ 5 Avaya IQ 4.2 Avaya IQ 4.0 Avaya IP Office Application Server 8.1 Avaya IP Office Application Server 8.0 Avaya Conferencing Standard Edition 6.0.1 Avaya Conferencing Standard Edition 6.0 SP1 Avaya Conferencing Standard Edition 6.0 Avaya Communication Server 1000M Signaling Server 7.6 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M Signaling Server 6.0 Avaya Communication Server 1000M 7.6 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000M 6.0 Avaya Communication Server 1000E Signaling Server 7.6 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E Signaling Server 6.0 Avaya Communication Server 1000E 7.6 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Communication Server 1000E 6.0 Avaya Aura System Platform 6.0.2 Avaya Aura System Platform 6.0.1 Avaya Aura System Platform 6.2 Avaya Aura System Platform 6.0.3.9.3 Avaya Aura System Platform 6.0.3.8.3 Avaya Aura System Platform 6.0.3.0.3 Avaya Aura System Platform 6.0 SP3 Avaya Aura System Platform 6.0 SP2 Avaya Aura System Platform 6.0 Avaya Aura System Platform 1.1 Avaya Aura System Platform 1.0 Avaya Aura System Manager 6.3.1 Avaya Aura System Manager 6.3 Avaya Aura System Manager 6.2.3 Avaya Aura System Manager 6.2 SP3 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1.5 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura Session Manager 6.2.1 Avaya Aura Session Manager 6.1.5 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.0.1 Avaya Aura Session Manager 6.2.3 Avaya Aura Session Manager 6.2.2 Avaya Aura Session Manager 6.2 SP1 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 SP2 Avaya Aura Session Manager 6.1 Sp1 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0.2 Avaya Aura Session Manager 6.0 SP1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2.4 Avaya Aura Session Manager 5.2.1 Avaya Aura Session Manager 5.2 SP2 Avaya Aura Session Manager 5.2 SP1 Avaya Aura Session Manager 5.2 Avaya Aura Session Manager 5.0 Avaya Aura Session Manager 1.1.1 Avaya Aura Session Manager 1.1 Avaya Aura Session Manager 1.0 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Experience Portal 6.0 SP1 Avaya Aura Experience Portal 6.0 Avaya Aura Conferencing 6.0 Standard Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1.0.9.8 Avaya Aura Communication Manager Utility Services 6.1 SP 6.1.0.9.8 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Application Server 5300 SIP Core 2.1 Avaya Aura Application Server 5300 SIP Core 2.0 PB25 Avaya Aura Application Server 5300 SIP Core 2.0 PB23 Avaya Aura Application Server 5300 SIP Core 2.0 PB19 Avaya Aura Application Server 5300 SIP Core 2.0 PB16 Avaya Aura Application Server 5300 SIP Core 2.0 Avaya Application Server 5300 2.0 Apple Mac OS X Server 10.7.5 Apple Mac OS X Server 10.7.3 Apple Mac OS X Server 10.7.2 Apple Mac OS X Server 10.7.1 Apple Mac OS X Server 10.7 Apple Mac OS X Server 10.6.8 Apple Mac OS X 10.7.4 Apple Mac OS X 10.7.3 Apple Mac OS X 10.7.2 Apple Mac OS X 10.7.1 Apple Mac OS X 10.7 Apple Mac OS X 10.6.8 Apple iOS 5.1.1 Apple iOS 5.1 Apple iOS 5.0.1 Apple iOS 5 Apple iOS 4.3.5 Apple iOS 4.3 Apple iOS 4.2 Apple iOS 4.1 Apple iOS 4 Apple iOS 3.2 Apple iOS 3.1 Apple iOS 3.0 Apple iOS 2.1 Apple iOS 2.0 Apple Apple TV 5.0 Apple Apple TV 4.4

Not Vulnerable:	SRWare Iron 18.0.1050.0 Mozilla Thunderbird ESR 10.0.2 Mozilla Thunderbird 3.1.19 Mozilla Thunderbird 10.0.2 Mozilla SeaMonkey 2.7.2 Mozilla Firefox 3.6.27 Moonchild Productions Pale Moon 9.2 Moonchild Productions Pale Moon 3.6.30 IBM Storwize V7000 Unified 1.4 0 IBM Storwize V7000 Unified 1.3.2 3 IBM Lotus Notes 9.0 IBM Lotus Notes 8.5.3 Fix Pack 4 IBM Informix Genero 2.41 Google Chrome 17.0.963.56 Avaya Message Networking 5.2.5 Avaya Aura System Manager 6.3.2 Avaya Aura Session Manager 6.3.1 Avaya Aura Session Manager 6.3 Avaya Aura Presence Services 6.1 SP2 Avaya Aura Experience Portal 6.0 SP2 + Avaya Communication Manager Server DEFINITY Server SI/CS + Avaya Communication Manager Server S8100 + Avaya Communication Manager Server S8300 + Avaya Communication Manager Server S8500 + Avaya Communication Manager Server S8700 Avaya Aura Application Server 5300 SIP Core 2.0 PB26 Apple Mac OS X 10.8.2 Apple Mac OS X 10.7.5 Apple iOS 6 Apple Apple TV 5.1

Discussion

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

libpng is prone to a remote integer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data.

An attacker can exploit this issue to execute arbitrary malicious code in the context of a user running an application that uses the affected library. Failed exploit attempts will likely crash the library.

Exploit / POC

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

Solution:
Updates are available. Please see the references for more information.

Apple Mac OS X 10.6.8

Apple SecUpd2012-004.dmg
For Mac OS X v10.6.8
http://www.apple.com/support/downloads/

References

libpng 'png_decompress_chunk()' Remote Integer Overflow Vulnerability

References:

17.0.963.56 Stable Channel Update (Google)
About the security content of Apple TV 5.1 (Apple)
libpng Homepage (libpng)
Mozilla releases to address CVE-2011-3026 (Mozilla)
Multiple vulnerabilities in libpng (Oracle)
New Iron-Version: 18.0.1050.0 Stable for Windows (SRWare)
Pale Moon: Release notes 3.6 (Moonchild Productions )
Pale Moon: Release notes for version 9 (Moonchild Productions)
ASA-2012-082 (Avaya)
ASA-2012-093 xulrunner security update (RHSA-2012-0143) (Avaya)
ASA-2012-180 libpng security update (RHSA-2012-0317) (Avaya)
IBM Informix Genero vulnerable to libpng chunk decompression integer overflow vu (IBM)
Mozilla Foundation Security Advisory 2012-11 (Mozilla)
Security Bulletin: Storwize V7000 Unified Update Includes Fixes for Multiple Ven (IBM)
Security vulnerabilities addressed in IBM Notes 9.0 (CVE-2011-3026, CVE-2012-634 (IBM)
swg21626697 Multiple vulnerabilities IBM Cognos BI 8.4.1,10.1,10.1.1 and 10.2 (IBM)
Vulnerability Note VU#523889 libpng chunk decompression integer overflow vulnera (US-CERT)