Mozilla is aware of this bug and has issued a fix that will be released today for Firefox and Thunderbird. Integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed The line, pngcharp text. Images exceeding 4GB per row are not decoded, there are no other limits, at worst it will run out of memory or fail an integer overflow check, all errors are. Firefox, Thunderbird and Seamonkey users could be attacked simply by displaying a maliciously crafted image. This bug is remotely exploitable and can lead to arbitrary code execution. Integer overflow in the pngsetunknownchunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a crafted image, which triggers a heap-based buffer overflow. 32-bit: straight integer overflow in addition. An attacker could craft malicious images which exploit this bug, and deliver them to users through websites or email messages. Also from the chromium bug Ok, just a note on the actual libpng fix: the bug is fairly interesting because it is slightly different on 32-bit vs. They could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is. Integer overflow in pngreadpng (pngread.c) A PNG with excessive height may. The libpng graphics library, used by Firefox and Thunderbird as well as many other software packages, contains an exploitable integer overflow bug. Several integer overflows have been discovered by its upstream developers in libpng, a commonly used library to display PNG graphics. libPNG 1.2.5 stack-based buffer overflow and other code concerns. Redhat representatives reported about this bug to Mozilla where Mozilla issued the fix yesterday for Firefox and Thunderbird users. In libpng 1.6.34, a wrong calculation of rowfactor in the pngcheckchunklength function (pngrutil.c) may trigger an integer overflow and resultant divide. Google Chrome browser stable version recently updated to 17.0.963.56 has already this bug fixed. Mozilla Releases Update for Firefox to fix integer overflow bug in libpng Now more details coming out, Mozilla noted on their security blog that an integer overflow/truncation in Lipbng graphics library used by Firefox has been fixed with yesterday released update, this can allow an attacker to exploit the bug by crafting malicious images and sending them to users via email or websites. Yesterday Mozilla released Firefox 10.0.2 by fixing a security issue, not disclosed what it was that time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |