CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.
Publish Date : 2010-06-30 Last Update Date : 2020-08-14
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
7.5
Confidentiality Impact Partial (There is considerable informational disclosure.)
Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Execute CodeOverflow
CWE ID 120

- Additional Vendor Supplied Data

Vendor Impact CVSS Score CVSS Vector Report Date Publish Date
Redhat critiab
6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P 2010-06-26 2010-06-25
If you are a vendor and you have additional data which can be automatically imported into our database, please contact admin @ cvedetails.com

- Related OVAL Definitions

Title Definition Id Class Family
CVE-2010-1205 oval:org.opensuse.security:def:20101205 unix
DSA-2072 libpng -- several vulnerabilities oval:org.mitre.oval:def:11512 unix
DSA-2072-1 libpng -- several oval:org.mitre.oval:def:13338 unix
DSA-2075 xulrunner -- several vulnerabilities oval:org.mitre.oval:def:11531 unix
DSA-2075-1 xulrunner -- several oval:org.mitre.oval:def:13136 unix
ELSA-2010:0534: libpng security update (Important) oval:org.mitre.oval:def:23184 unix
ELSA-2010:0545: thunderbird security update (Critical) oval:org.mitre.oval:def:23041 unix
ELSA-2010:0547: firefox security update (Critical) oval:org.mitre.oval:def:23023 unix
Mozilla Firefox/Thunderbird/SeaMonkey 'libpng' Buffer Overflow Vulnerability oval:org.mitre.oval:def:11851 windows
RHSA-2010:0534: libpng security update (Important) oval:org.mitre.oval:def:22383 unix
RHSA-2010:0534: libpng security update (Important) oval:com.redhat.rhsa:def:20100534 unix
RHSA-2010:0545: thunderbird security update (Critical) oval:org.mitre.oval:def:22242 unix
RHSA-2010:0545: thunderbird security update (Critical) oval:com.redhat.rhsa:def:20100545 unix
RHSA-2010:0546: seamonkey security update (Critical) oval:com.redhat.rhsa:def:20100546 unix
RHSA-2010:0547: firefox security update (Critical) oval:com.redhat.rhsa:def:20100547 unix
RHSA-2010:0547: firefox security update (Critical) oval:org.mitre.oval:def:22344 unix
USN-958-1 -- thunderbird vulnerabilities oval:org.mitre.oval:def:13110 unix
USN-960-1 -- libpng vulnerabilities oval:org.mitre.oval:def:13405 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2010-1205

# Product Type Vendor Product Version Update Edition Language
1 OS Apple Iphone Os * * * * Version Details Vulnerabilities
2 Application Apple Itunes * * * * Version Details Vulnerabilities
3 OS Apple Mac Os X * * * * Version Details Vulnerabilities
4 OS Apple Mac Os X Server * * * * Version Details Vulnerabilities
5 Application Apple Safari * * * * Version Details Vulnerabilities
6 OS Canonical Ubuntu Linux 6.06 * * * Version Details Vulnerabilities
7 OS Canonical Ubuntu Linux 8.04 * * * Version Details Vulnerabilities
8 OS Canonical Ubuntu Linux 9.04 * * * Version Details Vulnerabilities
9 OS Canonical Ubuntu Linux 9.10 * * * Version Details Vulnerabilities
10 OS Canonical Ubuntu Linux 10.04 * * * Version Details Vulnerabilities
11 OS Debian Debian Linux 5.0 * * * Version Details Vulnerabilities
12 OS Fedoraproject Fedora 12 * * * Version Details Vulnerabilities
13 OS Fedoraproject Fedora 13 * * * Version Details Vulnerabilities
14 Application Google Chrome * * * * Version Details Vulnerabilities
15 Application Libpng Libpng * * * * Version Details Vulnerabilities
16 Application Mozilla Firefox * * * * Version Details Vulnerabilities
17 Application Mozilla Seamonkey * * * * Version Details Vulnerabilities
18 Application Mozilla Thunderbird * * * * Version Details Vulnerabilities
19 OS Opensuse Opensuse 11.1 * * * Version Details Vulnerabilities
20 OS Opensuse Opensuse 11.2 * * * Version Details Vulnerabilities
21 OS Suse Linux Enterprise Server 9 * * * Version Details Vulnerabilities
22 OS Suse Linux Enterprise Server 10 SP3 * * Version Details Vulnerabilities
23 OS Suse Linux Enterprise Server 11 - * * Version Details Vulnerabilities
24 OS Suse Linux Enterprise Server 11 SP1 * * Version Details Vulnerabilities
25 Application Vmware Player * * * * Version Details Vulnerabilities
26 Application Vmware Workstation * * * * Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Apple Iphone Os 1
Apple Itunes 1
Apple Mac Os X 1
Apple Mac Os X Server 1
Apple Safari 1
Canonical Ubuntu Linux 5
Debian Debian Linux 1
Fedoraproject Fedora 2
Google Chrome 1
Libpng Libpng 1
Mozilla Firefox 1
Mozilla Seamonkey 1
Mozilla Thunderbird 1
Opensuse Opensuse 2
Suse Linux Enterprise Server 4
Vmware Player 1
Vmware Workstation 1

- References For CVE-2010-1205

http://blackberry.com/btsc/KB27244 CONFIRM
http://secunia.com/advisories/42314
SECUNIA 42314
http://secunia.com/advisories/42317
SECUNIA 42317
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html
APPLE APPLE-SA-2011-03-09-2
http://support.apple.com/kb/HT4566 CONFIRM
http://support.apple.com/kb/HT4554 CONFIRM
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html
APPLE APPLE-SA-2011-03-02-1
http://support.apple.com/kb/HT4457 CONFIRM
http://www.vupen.com/english/advisories/2010/3046
VUPEN ADV-2010-3046
http://www.vupen.com/english/advisories/2010/3045
VUPEN ADV-2010-3045
http://support.apple.com/kb/HT4435 CONFIRM
http://secunia.com/advisories/41574
SECUNIA 41574
http://lists.vmware.com/pipermail/security-announce/2010/000105.html
MLIST [security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html
APPLE APPLE-SA-2010-11-22-1
http://support.apple.com/kb/HT4456 CONFIRM
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
APPLE APPLE-SA-2010-11-10-1
http://www.vmware.com/security/advisories/VMSA-2010-0014.html CONFIRM
http://www.vupen.com/english/advisories/2010/2491
VUPEN ADV-2010-2491
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
SUSE SUSE-SR:2010:017
http://support.apple.com/kb/HT4312 CONFIRM
http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html
APPLE APPLE-SA-2010-08-24-1
http://www.ubuntu.com/usn/USN-960-1
UBUNTU USN-960-1
http://trac.webkit.org/changeset/61816 CONFIRM
http://secunia.com/advisories/40472
SECUNIA 40472
http://www.debian.org/security/2010/dsa-2072
DEBIAN DSA-2072
http://www.vupen.com/english/advisories/2010/1837
VUPEN ADV-2010-1837
https://bugzilla.mozilla.org/show_bug.cgi?id=570451 CONFIRM
http://code.google.com/p/chromium/issues/detail?id=45983 CONFIRM
http://www.vupen.com/english/advisories/2010/1846
VUPEN ADV-2010-1846
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html
FEDORA FEDORA-2010-10823
http://secunia.com/advisories/40547
SECUNIA 40547
http://www.vupen.com/english/advisories/2010/1877
VUPEN ADV-2010-1877
http://www.mandriva.com/security/advisories?name=MDVSA-2010:133
MANDRIVA MDVSA-2010:133
http://www.vupen.com/english/advisories/2010/1755
VUPEN ADV-2010-1755
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html
FEDORA FEDORA-2010-10833
http://www.libpng.org/pub/png/libpng.html CONFIRM
http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html CONFIRM
https://bugs.webkit.org/show_bug.cgi?id=40798 CONFIRM
http://www.securityfocus.com/bid/41174
BID 41174 libpng Memory Corruption and Memory Leak Vulnerabilities Release Date:2014-12-24
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18 CONFIRM
http://secunia.com/advisories/40302
SECUNIA 40302
https://bugzilla.redhat.com/show_bug.cgi?id=608238 CONFIRM
http://www.vupen.com/english/advisories/2010/1612
VUPEN ADV-2010-1612
http://secunia.com/advisories/40336
SECUNIA 40336
http://www.vupen.com/english/advisories/2010/1637
VUPEN ADV-2010-1637
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061
SLACKWARE SSA:2010-180-01
http://www.mozilla.org/security/announce/2010/mfsa2010-41.html CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/59815
XF libpng-rowdata-bo(59815)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851
OVAL oval:org.mitre.oval:def:11851

- Metasploit Modules Related To CVE-2010-1205

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.