Single-byte overflow buffer vulnerability in the libpng "png_formatted_warning ()" function
Release date:
Updated on:
Affected Systems:
Libpng 1.5.7
Libpng 1.5.6
Libpng 1.5.5
Libpng 1.5.
Unaffected system:
Libpng 1.5.8
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51823
Cve id: CVE-2011-3464
Libpng is a function library used by various applications to parse PNG image formats.
Libpng has a single-byte overflow vulnerability in the implementation of the png_formatted_warning () function. Remote attackers can exploit this vulnerability to cause applications in the affected database to crash and execute arbitrary code.
<* Source: libpng
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Libpng
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Libpng details: click here
Libpng: click here