LibPNG Incorrect Offset Calculation Buffer Overflow Vulnerability

Bugtraq ID: 6431
Class: Boundary Condition Error
CVE: CVE-2002-1363
CVE-2002-1363
Remote: No
Local: Yes
Published: Dec 19 2002 12:00AM
Updated: Jan 11 2007 09:50PM
Credit: Discovery of this vulnerability credited to Glenn Randers-Pehrson.
Vulnerable: RedHat Linux 9.0 i386
RedHat Linux 7.3 i386
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
libpng libpng3 1.2.5
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.2
+ Gentoo Linux 1.2
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0 AMD64
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 10.0
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.2
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1 ppc
+ Mandriva Linux Mandrake 9.1
+ Mandriva Linux Mandrake 9.1
+ Red Hat Fedora Core1
+ Slackware Linux 10.0
+ Slackware Linux 9.1
+ Slackware Linux 9.1
+ Slackware Linux 9.0
+ Slackware Linux 9.0
+ Slackware Linux -current
+ Slackware Linux -current
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
+ Ubuntu Ubuntu Linux 4.1 ia32
libpng libpng3 1.2.4
+ Conectiva Linux 8.0
+ MandrakeSoft Corporate Server 2.1 x86_64
+ MandrakeSoft Corporate Server 2.1
+ MandrakeSoft Multi Network Firewall 2.0
+ Mandriva Linux Mandrake 9.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ S.u.S.E. Linux 8.1
libpng libpng3 1.2.3
libpng libpng3 1.2.2
+ RedHat Linux 8.0 i386
libpng libpng3 1.2.1
+ Debian Linux 3.0
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ Mandriva Linux Mandrake 8.2
+ Slackware Linux 8.1
libpng libpng3 1.2 .0
+ Conectiva Linux 8.0
libpng libpng 1.0.14
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 6.2 i386
libpng libpng 1.0.13
libpng libpng 1.0.12
- Caldera OpenLinux Server 3.1.1
- Caldera OpenLinux Server 3.1
- Caldera OpenLinux Workstation 3.1.1
- Caldera OpenLinux Workstation 3.1
+ Debian Linux 3.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3
libpng libpng 1.0.11
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
libpng libpng 1.0.10
+ S.u.S.E. Linux 7.2
libpng libpng 1.0.9
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
libpng libpng 1.0.8
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 7.2
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
- Ximian GNOME 1.4
libpng libpng 1.0.7
libpng libpng 1.0.6
libpng libpng 1.0.5
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ MandrakeSoft Corporate Server 1.0.1
+ Mandriva Linux Mandrake 7.1
libpng libpng 1.0
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0
Avaya S8700 R2.0.1
Avaya S8700 R2.0.0
Avaya S8500 R2.0.1
Avaya S8500 R2.0.0
Avaya S8300 R2.0.1
Avaya S8300 R2.0.0
Avaya Converged Communications Server 2.0
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.2.8
Apple Mac OS X 10.3.4
Apple Mac OS X 10.2.8
Not Vulnerable: Apple Mac OS X Server 10.3.5
Apple Mac OS X 10.3.5


 

Privacy Statement
Copyright 2010, SecurityFocus