• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Libpng Graphics Library Chunk Error Processing Buffer Overflow Vulnerability

Solution:
The vendor has released libpng 1.2.12 to address this issue.

Please see the referenced vendor advisories for details on obtaining and applying fixes.


MandrakeSoft Linux Mandrake 2007.0

• Mandriva chromium-0.9.12-25.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-0.9.12-25.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-0.9.12-25.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-setup-0.9.12-25.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-setup-0.9.12-25.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.7-1.1mdv2007.0.i586.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.7-1.1mdv2007.0.src.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.7-1.1mdv2007.0.x86_64.rpm
  Mandriva Linux 2007.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-3.20-3.1mdv2007.0.i586.rpm
  Mandriva Linux 2007
  http://www.mandriva.com/en/download


• Mandriva syslinux-3.20-3.1mdv2007.0.i586.rpm
  Mandriva Linux 2007
  http://www.mandriva.com/en/download


• Mandriva syslinux-3.20-3.1mdv2007.0.src.rpm
  Mandriva Linux 2007
  http://www.mandriva.com/en/download


• Mandriva syslinux-devel-3.20-3.1mdv2007.0.i586.rpm
  Mandriva Linux 2007
  http://www.mandriva.com/en/download

MandrakeSoft Corporate Server 4.0

• Mandriva doxygen-1.4.4-1.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.4-1.1.20060mlcs4.src.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.4-1.1.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-3.11-1.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-3.11-1.1.20060mlcs4.src.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-devel-3.11-1.1.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download

libpng libpng 1.0.16

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng 1.0.17

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng3 1.2.10

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng3 1.2.11

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng3 1.2.6

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng3 1.2.7

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz

libpng libpng3 1.2.8

• libpng libpng-1.2.12.tar.gz
  http://prdownloads.sourceforge.net/libpng/libpng-1.2.12.tar.gz


• Mandriva lib64png3-1.2.8-1.2.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64png3-1.2.8-1.2.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva lib64png3-devel-1.2.8-1.2.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64png3-devel-1.2.8-1.2.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva lib64png3-static-devel-1.2.8-1.2.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva lib64png3-static-devel-1.2.8-1.2.20060mlcs4.x86_64.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libpng-1.2.8-1.2.20060mdk.src.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpng-1.2.8-1.2.20060mlcs4.src.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-1.2.8-1.2.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-1.2.8-1.2.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-devel-1.2.8-1.2.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-devel-1.2.8-1.2.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-static-devel-1.2.8-1.2.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva libpng3-static-devel-1.2.8-1.2.20060mlcs4.i586.rpm
  Corporate 4.0:
  http://www.mandriva.com/en/download

Apple Mac OS X 10.5.2

• Apple SecUpd2008-002.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18157&cat= 57&platform=osx&method=sa/SecUpd2008-002.dmg

Apple Mac OS X Server 10.5.2

• Apple SecUpdSrvr2008-002.dmg
  http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty2.pl/product=18157&cat= 57&platform=osx&method=sa/SecUpdSrvr2008-002.dmg

MandrakeSoft Linux Mandrake 2006.0

• Mandriva doxygen-1.4.4-1.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.4-1.1.20060mdk.src.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.4.4-1.1.20060mdk.x86_64.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-3.11-1.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-3.11-1.1.20060mdk.src.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download


• Mandriva pxelinux-devel-3.11-1.1.20060mdk.i586.rpm
  Mandriva Linux 2006.0:
  http://www.mandriva.com/en/download

MandrakeSoft Corporate Server 3.0

• Mandriva chromium-0.9.12-21.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-0.9.12-21.1.C30mdk.src.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-0.9.12-21.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-setup-0.9.12-21.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva chromium-setup-0.9.12-21.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.3.5-2.1.C30mdk.i586.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.3.5-2.1.C30mdk.src.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download


• Mandriva doxygen-1.3.5-2.1.C30mdk.x86_64.rpm
  Corporate 3.0:
  http://www.mandriva.com/en/download