Vulnerability Bulletins |
Ejecución remota de código en librería libpng |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | GNU/Linux |
| Affected software |
libpng 1.2.x < 1.2.35 libpng 1.0.x < 1.0.43 |
Description |
|
|
Se ha descubierto una vulnerabilidad en la librería libpng 1.0 y 1.2. La vulnerabilidad reside en errores en la liberación de un puntero no inicializado en la función "png_read_png", en el manejo de pCAL y en la configuración de las tablas gamma de 16 bits. Un atacante remoto podría causar una denegación de servicio o ejecutar código remoto mediante un fichero PNG especialmente diseñado. |
|
Solution |
|
|
Actualización de software Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux. Red Hat (RHSA-2009:0333-7) RHEL Desktop Workstation (v. 5 cliente) Red Hat Desktop (v. 4) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 cliente) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 4) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ Red Hat (RHSA-2009:0340-3) Red Hat Desktop (v. 3) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux WS (v. 3) https://rhn.redhat.com/ Mozilla Firefox 3.07 http://www.mozilla.org/products/firefox/ Thunderbird 2.0.0.21 http://www.mozilla.org/products/thunderbird/ SeaMonkey 1.1.15 http://www.seamonkey-project.org/ Actualización de software Red Hat (RHSA-2009:0315-4) RHEL Desktop Workstation (v. 5 cliente) Red Hat Desktop (v. 4) Red Hat Enterprise Linux (v. 5 servidor) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux Desktop (v. 5 cliente) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 4) https://rhn.redhat.com/ Red Hat (RHSA-2009:0325-4) Red Hat Desktop (v. 3) Red Hat Desktop (v. 4) Red Hat Enterprise Linux AS (v. 2.1) Red Hat Enterprise Linux AS (v. 3) Red Hat Enterprise Linux AS (v. 4) Red Hat Enterprise Linux ES (v. 2.1) Red Hat Enterprise Linux ES (v. 3) Red Hat Enterprise Linux ES (v. 4) Red Hat Enterprise Linux WS (v. 2.1) Red Hat Enterprise Linux WS (v. 3) Red Hat Enterprise Linux WS (v. 4) Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor https://rhn.redhat.com/ Debian (DSA-1750-1) Debian Linux 4.0 Source http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.diff.gz http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.15~beta5-1+etch2.dsc Arquitectura independiente: http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.15~beta5-1+etch2_all.deb alpha (DEC Alpha) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_alpha.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_alpha.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_alpha.udeb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_amd64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_amd64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_amd64.udeb arm (ARM) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_arm.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_arm.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_arm.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_hppa.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_hppa.deb i386 (Intel ia32) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_i386.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_i386.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_ia64.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_ia64.deb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mips.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mips.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mips.udeb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_mipsel.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_mipsel.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_powerpc.udeb s390 (IBM S/390) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_s390.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_s390.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_s390.udeb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.15~beta5-1+etch2_sparc.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.15~beta5-1+etch2_sparc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.15~beta5-1+etch2_sparc.deb Debian (DSA-1750-1) Debian Linux 5.0 Source http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.diff.gz http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny2.dsc Arquitectura independiente: http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny2_all.deb alpha (DEC Alpha) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_alpha.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_alpha.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_alpha.udeb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_amd64.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_amd64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_amd64.deb arm (ARM) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_arm.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_arm.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_arm.deb armel (ARM EABI) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_armel.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_armel.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_armel.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_hppa.udeb i386 (Intel ia32) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_i386.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_i386.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_ia64.udeb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mips.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mips.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mips.deb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_mipsel.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_mipsel.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_powerpc.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_powerpc.deb s390 (IBM S/390) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_s390.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_s390.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_s390.deb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny2_sparc.udeb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny2_sparc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny2_sparc.deb Sun (259989) Para Solaris 8 y 9 no existe parche oficial para esta vulnerabilidad. Solaris 10 / SPARC / patch 137080-02 Solaris 10 / x86 / patch 137080-03 OpenSolaris / upon builds snv_113 o posterior http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Debian (DSA-1830-1) Debian Linux 5.0 Source http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1.dsc http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1.diff.gz http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22.orig.tar.gz alpha (DEC Alpha) http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_alpha.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_alpha.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_alpha.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_alpha.deb amd64 (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_amd64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_amd64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_amd64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_amd64.deb arm (ARM) http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_arm.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_arm.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_arm.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_arm.deb hppa (HP PA RISC) http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_hppa.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_hppa.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_hppa.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_hppa.deb i386 (Intel ia32) http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_i386.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_i386.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_i386.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_i386.deb ia64 (Intel ia64) http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_ia64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_ia64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_ia64.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_ia64.deb mips (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_mips.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_mips.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_mips.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_mips.deb mipsel (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_mipsel.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_mipsel.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_mipsel.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_mipsel.deb powerpc (PowerPC) http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_powerpc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_powerpc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_powerpc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_powerpc.deb s390 (IBM S/390) http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_s390.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_s390.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_s390.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_s390.deb sparc (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/i/icedove/icedove-dbg_2.0.0.22-0lenny1_sparc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-gnome-support_2.0.0.22-0lenny1_sparc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove_2.0.0.22-0lenny1_sparc.deb http://security.debian.org/pool/updates/main/i/icedove/icedove-dev_2.0.0.22-0lenny1_sparc.deb Sun Solaris 9 / SPARC / patch 139382-02 o 114822-06 o posteriores Solaris 10 / SPARC / patch 137080-03 o posterior Solaris 9 / x86 / patch 139383-02 o posterior Solaris 10 / x86 / patch 137081-03 o posterior OpenSolaris builds snv_113 o posterior http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2009-0040 |
| BID | 33827 |
Other resources |
|
|
SUSE Security Advisory (SUSE-SR:2009:005) http://www.novell.com/linux/security/advisories/2009_5_sr.html Red Hat Security Advisory (RHSA-2009:0333-7) https://rhn.redhat.com/errata/RHSA-2009-0333.html Red Hat Security Advisory (RHSA-2009:0340-3) https://rhn.redhat.com/errata/RHSA-2009-0340.html Mozilla Foundation Security Advisory (2009-10) http://www.mozilla.org/security/announce/2009/mfsa2009-10.html Red Hat Security Advisory (RHSA-2009:0315-4) https://rhn.redhat.com/errata/RHSA-2009-0315.html Red Hat Security Advisory (RHSA-2009:0325-4) https://rhn.redhat.com/errata/RHSA-2009-0325.html Debian Security Advisory (DSA-1750-1) http://lists.debian.org/debian-security-announce/2009/msg00060.html SUSE Security Advisory (SUSE-SA:2009:023) http://www.novell.com/linux/security/advisories/2009_23_firefox2.html Sun Alert Notification (259989) http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 Debian Security Advisory (DSA-1830-1) http://lists.debian.org/debian-security-announce/2009/msg00143.html Sun Alert Notification http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2009-03-05 |
| 1.1 | Aviso emitido por Mozilla (2009-10) | 2009-03-09 |
| 1.2 | Aviso emitido por Red Hat (RHSA-2009:0315-4) | 2009-03-09 |
| 1.3 | Aviso emitido por Red Hat (RHSA-2009:0325-4) | 2009-03-11 |
| 1.4 | Aviso emitido por Debian (DSA-1750-1) | 2009-03-23 |
| 1.5 | Aviso emitido por Suse (SUSE-SA:2009:023) | 2009-04-21 |
| 1.6 | Aviso emitido por Sun (259989) | 2009-06-03 |
| 1.7 | Aviso emitido por Debian (DSA-1830-1) | 2009-07-13 |
| 1.8 | Aviso emitido por Sun | 2010-06-08 |