Boletines de Vulnerabilidades |
Ejecución de código arbitrario mediante la librería libpng |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Obtener acceso |
Dificultad | Principiante |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio exotico |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | libpng <= 1.2.5 |
Descripción |
|
Se han encontrado varias vulnerabilidades en la librería libpng, utilizada por diferentes aplicaciones poder visualizar imágenes con formato PNG. Una de estas vulnerabilidades consiste en un desbordamiento de búfer debido a un uso incorrecto de la longitud de los datos sobre transparencia de la imagen. Su explotación permitiría a un atacante ejecutar código arbitrario en el sistema de la víctima, para lo cual debería diseñar una imagen PNG con datos incorrectos y conseguir que la víctima visualizara dicha imagen. Otras vulnerabilidades similares pueden, como mínimo, provocar fallos en las aplicaciones que utilizan esta librería. |
|
Solución |
|
Actualización de software SuSE Linux SuSE Linux 9.1 - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libpng-1.2.5-182.7.i586.rpm SuSE Linux 9.1 - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libpng-1.2.5-182.7.x86_64.rpm SuSE Linux 9.1 - Parche - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/libpng-1.2.5-182.7.i586.patch.rpm SuSE Linux 9.1 - Parche - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/libpng-1.2.5-182.7.x86_64.patch.rpm SuSE Linux 9.1 - Fuentes - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/libpng-1.2.5-182.7.src.rpm SuSE Linux 9.1 - Fuentes - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/libpng-1.2.5-182.7.src.rpm SuSE Linux 9.0 - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libpng-1.2.5-191.i586.rpm SuSE Linux 9.0 - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libpng-1.2.5-191.x86_64.rpm SuSE Linux 9.0 - Parche - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/libpng-1.2.5-191.i586.patch.rpm SuSE Linux 9.0 - Parche - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/x86_64/libpng-1.2.5-191.x86_64.patch.rpm SuSE Linux 9.0 - Fuentes - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/src/libpng-1.2.5-191.src.rpm SuSE Linux 9.0 - Fuentes - Arquitectura IA64 ftp://ftp.suse.com/pub/suse/x86_64/update/9.0/rpm/src/libpng-1.2.5-191.src.rpm SuSE Linux 8.2 - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libpng-1.2.5-191.i586.rpm SuSE Linux 8.2 - Parche ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/libpng-1.2.5-191.i586.patch.rpm SuSE Linux 8.2 - Fuentes ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/src/libpng-1.2.5-191.src.rpm SuSE Linux 8.1 - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/libpng-1.2.4-115.i586.rpm SuSE Linux 8.1 - Parche ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/libpng-1.2.4-115.i586.patch.rpm SuSE Linux 8.1 - Fuentes ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/src/libpng-1.2.4-115.src.rpm SuSE Linux 8.0 - Arquitectura i386 ftp://ftp.suse.com/pub/suse/i386/update/8.0/gra1/libpng-2.1.0.12-169.i386.rpm SuSE Linux 8.0 - Parche ftp://ftp.suse.com/pub/suse/i386/update/8.0/gra1/libpng-2.1.0.12-169.i386.patch.rpm SuSE Linux 8.0 - Fuentes ftp://ftp.suse.com/pub/suse/i386/update/8.0/zq1/libpng-2.1.0.12-169.src.rpm Mandrake Linux Mandrake Linux 9.1 ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.1/RPMS/libpng3-1.2.5-2.5.91mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.1/RPMS/libpng3-devel-1.2.5-2.5.91mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.1/RPMS/libpng3-static-devel-1.2.5-2.5.91mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.1/SRPMS/libpng-1.2.5-2.5.91mdk.src.rpm Mandrake Linux 9.1 - Arquitectura PPC ftp://ftp.planetmirror.com/pub/Mandrake/updates/ppc/9.1/RPMS/libpng3-1.2.5-2.5.91mdk.ppc.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/ppc/9.1/RPMS/libpng3-devel-1.2.5-2.5.91mdk.ppc.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/ppc/9.1/RPMS/libpng3-static-devel-1.2.5-2.5.91mdk.ppc.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/ppc/9.1/SRPMS/libpng-1.2.5-2.5.91mdk.src.rpm Mandrake Linux 9.2 ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.2/RPMS/libpng3-1.2.5-7.5.92mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.2/RPMS/libpng3-devel-1.2.5-7.5.92mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.2/RPMS/libpng3-static-devel-1.2.5-7.5.92mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/9.2/SRPMS/libpng-1.2.5-7.5.92mdk.src.rpm Mandrake Linux 9.2 - Arquitectura AMD64 ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/9.2/RPMS/lib64png3-1.2.5-7.5.92mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/9.2/RPMS/lib64png3-devel-1.2.5-7.5.92mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/9.2/RPMS/lib64png3-static-devel-1.2.5-7.5.92mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/9.2/SRPMS/libpng-1.2.5-7.5.92mdk.src.rpm Mandrake Linux 10.0 ftp://ftp.planetmirror.com/pub/Mandrake/updates/10.0/RPMS/libpng3-1.2.5-10.5.100mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/10.0/RPMS/libpng3-devel-1.2.5-10.5.100mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/10.0/RPMS/libpng3-static-devel-1.2.5-10.5.100mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/10.0/SRPMS/libpng-1.2.5-10.5.100mdk.src.rpm Mandrake Linux 10.0 - Arquitectura AMD64 ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/10.0/RPMS/lib64png3-1.2.5-10.5.100mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/10.0/RPMS/lib64png3-devel-1.2.5-10.5.100mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/10.0/RPMS/lib64png3-static-devel-1.2.5-10.5.100mdk.amd64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/amd64/10.0/SRPMS/libpng-1.2.5-10.5.100mdk.src.rpm Mandrake Multi Network Firewall 8.2 ftp://ftp.planetmirror.com/pub/Mandrake/updates/mnf8.2/RPMS/libpng3-1.2.4-3.7.M82mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/mnf8.2/SRPMS/libpng-1.2.4-3.7.M82mdk.src.rpm Mandrake Corporate Server 2.1 ftp://ftp.planetmirror.com/pub/Mandrake/updates/corporate/2.1/RPMS/libpng3-1.2.4-3.7.C21mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/corporate/2.1/RPMS/libpng3-devel-1.2.4-3.7.C21mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/corporate/2.1/RPMS/libpng3-static-devel-1.2.4-3.7.C21mdk.i586.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/corporate/2.1/SRPMS/libpng-1.2.4-3.7.C21mdk.src.rpm Corporate Server 2.1 - Arquitectura X86-64 ftp://ftp.planetmirror.com/pub/Mandrake/updates/x86_64/corporate/2.1/RPMS/libpng3-1.2.4-3.7.C21mdk.x86_64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/x86_64/corporate/2.1/RPMS/libpng3-devel-1.2.4-3.7.C21mdk.x86_64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/x86_64/corporate/2.1/RPMS/libpng3-static-devel-1.2.4-3.7.C21mdk.x86_64.rpm ftp://ftp.planetmirror.com/pub/Mandrake/updates/x86_64/corporate/2.1/SRPMS/libpng-1.2.4-3.7.C21mdk.src.rpm Debian Linux Debian Linux 3.0 "Woody" - Fuentes http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.0.12-3.woody.7.dsc http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.0.12-3.woody.7.diff.gz http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.0.12.orig.tar.gz http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7.dsc http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7.diff.gz http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1.orig.tar.gz Debian Linux 3.0 "Woody" - Arquitectura ARM http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_arm.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_arm.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_arm.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_arm.deb Debian Linux 3.0 "Woody" - Arquitectura Intel IA-32 http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_i386.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_i386.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_i386.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_i386.deb Debian Linux 3.0 "Woody" - Arquitectura Intel IA-64 http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_ia64.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_ia64.deb Debian Linux 3.0 "Woody" - Arquitectura HP Precision http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_hppa.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_hppa.deb Debian Linux 3.0 "Woody" - Arquitectura Motorola 680x0 http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_m68k.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_m68k.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_m68k.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_m68k.deb Debian Linux 3.0 "Woody" - Arquitectura Big endian MIPS http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_mips.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_mips.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_mips.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_mips.deb Debian Linux 3.0 "Woody" - Arquitectura Little endian MIPS http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_mipsel.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_mipsel.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_mipsel.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_mipsel.deb Debian Linux 3.0 "Woody" - Arquitectura PowerPC http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_powerpc.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_powerpc.deb Debian Linux 3.0 "Woody" - Arquitectura IBM S/390 http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_s390.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_s390.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_s390.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_s390.deb Debian Linux 3.0 "Woody" - Arquitectura Sun Sparc http://security.debian.org/pool/updates/main/libp/libpng/libpng2_1.0.12-3.woody.7_sparc.deb http://security.debian.org/pool/updates/main/libp/libpng/libpng2-dev_1.0.12-3.woody.7_sparc.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng-dev_1.2.1-1.1.woody.7_sparc.deb http://security.debian.org/pool/updates/main/libp/libpng3/libpng3_1.2.1-1.1.woody.7_sparc.deb Red Hat Linux Red Hat Desktop (v. 3) - Arquitectura i386 libpng-1.2.2-25.i386.rpm libpng-devel-1.2.2-25.i386.rpm libpng10-1.0.13-15.i386.rpm libpng10-devel-1.0.13-15.i386.rpm libpng-1.2.2-25.i386.rpm Red Hat Desktop (v. 3) - Arquitectura AMD64 libpng-1.2.2-25.x86_64.rpm libpng-devel-1.2.2-25.x86_64.rpm libpng10-1.0.13-15.x86_64.rpm libpng10-devel-1.0.13-15.x86_64.rpm Red Hat Desktop (v. 3) - SRPMS libpng-1.2.2-25.src.rpm libpng10-1.0.13-15.src.rpm Red Hat Enterprise Linux AS (v. 2.1) - Arquitectura i386 libpng-1.0.14-7.i386.rpm libpng-devel-1.0.14-7.i386.rpm Red Hat Enterprise Linux AS (v. 2.1) - Arquitectura IA64 libpng-1.0.14-7.ia64.rpm libpng-devel-1.0.14-7.ia64.rpm Red Hat Enterprise Linux AS (v. 2.1) - SRPMS libpng-1.0.14-7.src.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura i386 libpng-1.2.2-25.i386.rpm libpng-devel-1.2.2-25.i386.rpm libpng10-1.0.13-15.i386.rpm libpng10-devel-1.0.13-15.i386.rpm libpng-1.2.2-25.i386.rpm libpng-1.2.2-25.i386.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura AMD64 libpng-1.2.2-25.x86_64.rpm libpng-devel-1.2.2-25.x86_64.rpm libpng10-1.0.13-15.x86_64.rpm libpng10-devel-1.0.13-15.x86_64.rpm Red Hat Enterprise Linux AS (v. 3) - SRPMS libpng-1.2.2-25.src.rpm libpng10-1.0.13-15.src.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura IA64 libpng-1.2.2-25.ia64.rpm libpng-devel-1.2.2-25.ia64.rpm libpng10-1.0.13-15.ia64.rpm libpng10-devel-1.0.13-15.ia64.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura PPC libpng-1.2.2-25.ppc.rpm libpng-devel-1.2.2-25.ppc.rpm libpng10-1.0.13-15.ppc.rpm libpng10-devel-1.0.13-15.ppc.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura PPC64 libpng-1.2.2-25.ppc64.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura S390 libpng-1.2.2-25.s390.rpm libpng-devel-1.2.2-25.s390.rpm libpng10-1.0.13-15.s390.rpm libpng10-devel-1.0.13-15.s390.rpm libpng-1.2.2-25.s390.rpm Red Hat Enterprise Linux AS (v. 3) - Arquitectura S390x libpng-1.2.2-25.s390x.rpm libpng-devel-1.2.2-25.s390x.rpm libpng10-1.0.13-15.s390x.rpm libpng10-devel-1.0.13-15.s390x.rpm Red Hat Enterprise Linux ES (v. 2.1) - Arquitectura i386 libpng-1.0.14-7.i386.rpm libpng-devel-1.0.14-7.i386.rpm Red Hat Enterprise Linux ES (v. 2.1) - SRPMS libpng-1.0.14-7.src.rpm Red Hat Enterprise Linux ES (v. 3) - Arquitectura i386 libpng-1.2.2-25.i386.rpm libpng-devel-1.2.2-25.i386.rpm libpng10-1.0.13-15.i386.rpm libpng10-devel-1.0.13-15.i386.rpm libpng-1.2.2-25.i386.rpm libpng-1.2.2-25.i386.rpm Red Hat Enterprise Linux ES (v. 3) - Arquitectura AMD64 libpng-1.2.2-25.x86_64.rpm libpng-devel-1.2.2-25.x86_64.rpm libpng10-1.0.13-15.x86_64.rpm libpng10-devel-1.0.13-15.x86_64.rpm Red Hat Enterprise Linux ES (v. 3) - SRPMS libpng-1.2.2-25.src.rpm libpng10-1.0.13-15.src.rpm Red Hat Enterprise Linux ES (v. 3) - Arquitectura IA64 libpng-1.2.2-25.ia64.rpm libpng-devel-1.2.2-25.ia64.rpm libpng10-1.0.13-15.ia64.rpm libpng10-devel-1.0.13-15.ia64.rpm Red Hat Enterprise Linux WS (v. 2.1) - Arquitectura i386 libpng-1.0.14-7.i386.rpm libpng-devel-1.0.14-7.i386.rpm Red Hat Enterprise Linux WS (v. 2.1) - SRPMS libpng-1.0.14-7.src.rpm Red Hat Enterprise Linux WS (v. 3) - Arquitectura i386 libpng-1.2.2-25.i386.rpm libpng-devel-1.2.2-25.i386.rpm libpng10-1.0.13-15.i386.rpm libpng10-devel-1.0.13-15.i386.rpm libpng-1.2.2-25.i386.rpm libpng-1.2.2-25.i386.rpm Red Hat Enterprise Linux WS (v. 3) - Arquitectura AMD64 libpng-1.2.2-25.x86_64.rpm libpng-devel-1.2.2-25.x86_64.rpm libpng10-1.0.13-15.x86_64.rpm libpng10-devel-1.0.13-15.x86_64.rpm Red Hat Enterprise Linux WS (v. 3) - Arquitectura IA64 libpng-1.2.2-25.ia64.rpm libpng-devel-1.2.2-25.ia64.rpm libpng10-1.0.13-15.ia64.rpm libpng10-devel-1.0.13-15.ia64.rpm Red Hat Enterprise Linux WS (v. 3) - SRPMS libpng-1.2.2-25.src.rpm libpng10-1.0.13-15.src.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor - Arquitectura IA64 libpng-1.0.14-7.ia64.rpm libpng-devel-1.0.14-7.ia64.rpm Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor - SRPMS libpng-1.0.14-7.src.rpm HP Tru64 UNIX Usuarios de Mozilla Application Suite < 1.7: Actualización a la versión 1.7 http://www.mozilla.org/releases/ http://h30097.www3.hp.com/internet/download.htm Apple Mac OS X update 10.3.5 http://www.apple.com/support/downloads//macosxcombinedupdate_10_3_5_.html Mac OS X 10.3.4 & 10.2.8 http://www.apple.com/support/downloads/securityupdate_2004-08-09_(10_2_8)_.html SCO UnixWare 7.1.4 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.16/erg712684.pkg OpenServer 5.0.7 ftp://ftp.sco.com/pub/openserver5/507/mp/osr507mp4/osr507mp4_vol.tar Sun Solaris 9 - GNOME 2.0.2 SPARC http://sunsolve.sun.com/search/document.do?assetkey=1-21-114822-04-1 Solaris 9 - GNOME 2.0 SPARC http://sunsolve.sun.com/search/document.do?assetkey=1-21-114818-06-1 http://sunsolve.sun.com/search/document.do?assetkey=1-21-114820-05-1 x86 http://sunsolve.sun.com/search/document.do?assetkey=1-21-114819-06-1 Solaris 9 (x86, SPARC) - Netscape 7 El fabricante todavía no ha publicado una solución. Solaris 8 - GNOME 2.0 SPARC http://sunsolve.sun.com/search/document.do?assetkey=1-21-114816-02-1 x86 http://sunsolve.sun.com/search/document.do?assetkey=1-21-114817-02-1 Solaris 8 (x86, SPARC) - Netscape 7 El fabricante todavía no ha publicado una solución. Solaris 7 (x86, SPARC) - Netscape 7 El fabricante todavía no ha publicado una solución. Sun Java Desktop Systems (JDS) release 2003 Actualización disponible mediante "Online Update" Sun Java Desktop Systems (JDS) release 2 Actualización disponible mediante "Online Update" Mandriva (doxygen MDKSA-2006:212) Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/doxygen-1.3.5-2.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/doxygen-1.3.5-2.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/doxygen-1.3.5-2.1.C30mdk.src.rpm Mandriva Linux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/i586/doxygen-1.4.4-1.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/x86_64/doxygen-1.4.4-1.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/doxygen-1.4.4-1.1.20060mdk.src.rpm Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/doxygen-1.4.7-1.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/doxygen-1.4.7-1.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/doxygen-1.4.7-1.1mdv2007.0.src.rpm Corporate Server 4.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/i586/doxygen-1.4.4-1.1.20060mlcs4.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/x86_64/doxygen-1.4.4-1.1.20060mlcs4.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/4.0/SRPMS/doxygen-1.4.4-1.1.20060mlcs4.src.rpm Mandriva (chromium MDKSA-2006:213) Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/chromium-0.9.12-21.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/i586/chromium-setup-0.9.12-21.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/chromium-0.9.12-21.1.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/chromium-0.9.12-21.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/x86_64/chromium-setup-0.9.12-21.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/chromium-0.9.12-21.1.C30mdk.src.rpm Mandriva Linux 2007 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/chromium-0.9.12-25.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/i586/chromium-setup-0.9.12-25.1mdv2007.0.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/chromium-0.9.12-25.1mdv2007.0.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/chromium-0.9.12-25.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/x86_64/chromium-setup-0.9.12-25.1mdv2007.0.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2007.0/SRPMS/chromium-0.9.12-25.1mdv2007.0.src.rpm |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE |
CAN-2004-0597 CAN-2004-0598 CAN-2004-0599 |
BID | |
Recursos adicionales |
|
Chris Evans - libPNG stack-based buffer overflow and other code concerns http://www.securiteam.com/unixfocus/5ZP0C0KDPG.html SuSE Security Announcement SUSE-SA:2004:023 http://www.suse.de/de/security/2004_23_libpng.html Mandrake Security Advisory MDKSA-2004:079 http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:079 Debian Security Advisory DSA 536-1 http://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00139.html RedHat Security Advisory RHSA-2004:402-08 https://rhn.redhat.com/errata/RHSA-2004-402.html Apple Security Update http://docs.info.apple.com/article.html?artnum=61798 HP Security Bulletin HPSBTU01063 http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01063 SCO Security Advisory SCOSA-2004.16 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.16/SCOSA-2004.16.txt SCO Security Advisory (SCOSA-2005.49) ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt Sun Alert ID: 57617 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F57617&zone_32=category%3Asecurity Sun Alert ID: 57683 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57683-1 Mandriva Security Advisory (MDKSA-2006:212) http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 Mandriva Security Advisory (MDKSA-2006:213) http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2004-08-05 |
1.1 | Aviso emitido por Mandrake (MDKSA-2004:079), Debian (DSA 536-1), RedHat (RHSA-2004:402-08) y HP (HPSBTU01063) | 2004-08-06 |
1.2 | Aviso emitido por Sun (Sun Alert ID: 57617) | 2004-08-10 |
1.3 | Aviso emitido por Apple | 2004-08-11 |
2.0 | Exploit público disponible | 2004-08-12 |
2.1 | Aviso emitido por SCO (SCOSA-2004.16) | 2004-10-13 |
2.2 | Aviso actualizado por Sun (57617) | 2004-10-18 |
2.3 | Aviso emitido por Sun (57683) | 2004-12-01 |
2.4 | Aviso emitido por SCO (SCOSA-2005.49) | 2005-11-28 |
2.5 | Aviso emitido por Mandriva (MDKSA-2006:212, MDKSA-2006:213) | 2006-11-17 |