Please do not reply directly to this email. All additional comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=504782 Vincent Danen <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] Summary|libpng: Interlaced Images |CVE-2009-2042 libpng: |Information Disclosure |Interlaced Images |Vulnerability |Information Disclosure | |Vulnerability Alias| |CVE-2009-2042 --- Comment #10 from Vincent Danen <[email protected]> 2009-06-12 16:43:18 EDT --- Common Vulnerabilities and Exposures assigned an identifier CVE-2009-2042 to the following vulnerability: Name: CVE-2009-2042 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 Assigned: 20090612 Reference: CONFIRM: http://www.libpng.org/pub/png/libpng.html Reference: BID:35233 Reference: URL: http://www.securityfocus.com/bid/35233 Reference: SECUNIA:35346 Reference: URL: http://secunia.com/advisories/35346 Reference: VUPEN:ADV-2009-1510 Reference: URL: http://www.vupen.com/english/advisories/2009/1510 Reference: XF:libpng-interlaced-image-info-disclosure(50966) Reference: URL: http://xforce.iss.net/xforce/xfdb/50966 libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ fedora-mingw mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/fedora-mingw
