Your submission was sent successfully! Close

CVE-2010-1205

Published: 30 June 2010

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Does not exist

jaunty Does not exist

karmic Does not exist

lucid
Released (6.0.472.53~r57914-0ubuntu0.10.04.1)
upstream
Released (5.0.375.99)
firefox
Launchpad, Ubuntu, Debian
dapper Ignored
(uses system libpng)
hardy Ignored
(uses system libpng)
jaunty Does not exist

karmic Does not exist

lucid
Released (3.6.7+build2+nobinonly-0ubuntu0.10.04.1)
upstream Needs triage

libpng
Launchpad, Ubuntu, Debian
dapper
Released (1.2.8rel-5ubuntu0.6)
hardy
Released (1.2.15~beta5-3ubuntu0.3)
jaunty
Released (1.2.27-2ubuntu2.2)
karmic
Released (1.2.37-1ubuntu0.2)
lucid
Released (1.2.42-1ubuntu2.1)
upstream
Released (1.2.44,1.4.3)
thunderbird
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy Not vulnerable

intrepid Not vulnerable

jaunty Not vulnerable

karmic Not vulnerable

lucid
Released (3.0.6+build2+nobinonly-0ubuntu0.10.04.1)
upstream
Released (3.0.6)
xulrunner-1.9.2
Launchpad, Ubuntu, Debian
dapper Does not exist

hardy
Released (1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2)
jaunty
Released (1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2)
karmic
Released (1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2)
lucid
Released (1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1)
upstream Needs triage