Vulnerability in pngrutil.c in libpng (CVE-2010-0205)
CVSS v2.0 severity:
MEDIUM
Type:
CWE-400
Uncontrolled Resource Consumption (Resource Exhaustion)
Publication date:
03/03/2010
Last modified:
11/04/2025
Description
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43 and 1.4.x before 1.4.1 does not properly handle compressed ancillary chunk data whose decompressed representation is disproportionately large, which allows remote attackers to cause a denial of service (CPU and memory consumption, and application hang) via a crafted PNG file, as demonstrated by the use of the deflate compression method on data consisting of many occurrences of the same character, related to a "decompression bomb" attack.
Impact
Base score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | To |
|---|---|---|
| cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* | 1.0.0 (including) | 1.0.53 (excluding) |
| cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* | 1.2.0 (including) | 1.2.43 (excluding) |
| cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* | 1.4.0 (including) | 1.4.1 (excluding) |
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | | 10.6.5 (excluding) |
| cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:* | | |
| cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:* | | |
| cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:* | | |
| cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* | | |
| cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* | | |
| cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:* | | |
| cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* | | |
| cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:* | | |
| cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:* | | |
| cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:* | | |
| cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* | | |
For the full list of CPE names with products and versions, see this page
References to solutions, tools and information
- http://libpng.sourceforge.net/ADVISORY-1.4.1.html
- http://libpng.sourceforge.net/decompression_bombs.html
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037237.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037355.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037364.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037607.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://lists.vmware.com/pipermail/security-announce/2010/000105.html
- http://osvdb.org/62670
- http://secunia.com/advisories/38774
- http://secunia.com/advisories/39251
- http://secunia.com/advisories/41574
- http://support.apple.com/kb/HT4435
- http://ubuntu.com/usn/usn-913-1
- http://www.debian.org/security/2010/dsa-2032
- http://www.kb.cert.org/vuls/id/576029
- http://www.mandriva.com/security/advisories?name=MDVSA-2010%3A063
- http://www.mandriva.com/security/advisories?name=MDVSA-2010%3A064
- http://www.securityfocus.com/bid/38478
- http://www.securitytracker.com/id?1023674=
- http://www.vmware.com/security/advisories/VMSA-2010-0014.html
- http://www.vupen.com/english/advisories/2010/0517
- http://www.vupen.com/english/advisories/2010/0605
- http://www.vupen.com/english/advisories/2010/0626
- http://www.vupen.com/english/advisories/2010/0637
- http://www.vupen.com/english/advisories/2010/0667
- http://www.vupen.com/english/advisories/2010/0682
- http://www.vupen.com/english/advisories/2010/0686
- http://www.vupen.com/english/advisories/2010/0847
- http://www.vupen.com/english/advisories/2010/1107
- http://www.vupen.com/english/advisories/2010/2491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56661