Vulnerabilidad en Error de superación de límite en libpng (CVE-2007-5266)
Gravedad CVSS v2.0:
MEDIA
Tipo:
CWE-189
Errores numéricos
Fecha de publicación:
08/10/2007
Última modificación:
09/04/2025
Descripción
Error de superación de límite (off-by-one) en el manejo de perfiles ICC en la función png_set_iCCP de pngset.c en libpng anterior a 1.0.29 beta1 y 1.2.x anterior a 1.2.21 beta1 permite a atacantes remotos provocar una denegación de servicio (caída) mediante una imagen PNG manipulada artesanalmente que provoca que el campo de nombre no termine con NULL.
Impacto
Puntuación base 2.0
4.30
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* | 1.0.28 (incluyendo) | |
| cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* | 1.2.0 (incluyendo) | 1.2.20 (incluyendo) |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
- http://bugs.gentoo.org/show_bug.cgi?id=195261
- http://docs.info.apple.com/article.html?artnum=307562
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://secunia.com/advisories/27284
- http://secunia.com/advisories/27529
- http://secunia.com/advisories/27629
- http://secunia.com/advisories/27746
- http://secunia.com/advisories/29420
- http://secunia.com/advisories/30161
- http://secunia.com/advisories/30430
- http://secunia.com/advisories/35302
- http://secunia.com/advisories/35386
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
- http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement
- http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
- http://www.coresecurity.com/?action=item&id=2148
- http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
- http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A217
- http://www.securityfocus.com/archive/1/483582/100/0/threaded
- http://www.securityfocus.com/archive/1/489135/100/0/threaded
- http://www.securityfocus.com/bid/25957
- http://www.us-cert.gov/cas/techalerts/TA08-150A.html
- http://www.vupen.com/english/advisories/2008/0924/references
- http://www.vupen.com/english/advisories/2008/1697
- http://www.vupen.com/english/advisories/2009/1462
- http://www.vupen.com/english/advisories/2009/1560
- https://issues.rpath.com/browse/RPL-1814
- http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html
- http://bugs.gentoo.org/show_bug.cgi?id=195261
- http://docs.info.apple.com/article.html?artnum=307562
- http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
- http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
- http://secunia.com/advisories/27284
- http://secunia.com/advisories/27529
- http://secunia.com/advisories/27629
- http://secunia.com/advisories/27746
- http://secunia.com/advisories/29420
- http://secunia.com/advisories/30161
- http://secunia.com/advisories/30430
- http://secunia.com/advisories/35302
- http://secunia.com/advisories/35386
- http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323
- http://sourceforge.net/mailarchive/forum.php?thread_name=5122753600C3E94F87FBDFFCC090D1FF0400EA68%40MERCMBX07.na.sas.com&forum_name=png-mng-implement
- http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0709140846k24e9a040r81623783b6b1c00f%40mail.gmail.com
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
- http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
- http://www.coresecurity.com/?action=item&id=2148
- http://www.gentoo.org/security/en/glsa/glsa-200711-08.xml
- http://www.gentoo.org/security/en/glsa/glsa-200805-07.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2007%3A217
- http://www.securityfocus.com/archive/1/483582/100/0/threaded
- http://www.securityfocus.com/archive/1/489135/100/0/threaded
- http://www.securityfocus.com/bid/25957
- http://www.us-cert.gov/cas/techalerts/TA08-150A.html
- http://www.vupen.com/english/advisories/2008/0924/references
- http://www.vupen.com/english/advisories/2008/1697
- http://www.vupen.com/english/advisories/2009/1462
- http://www.vupen.com/english/advisories/2009/1560
- https://issues.rpath.com/browse/RPL-1814