Your submission was sent successfully! Close

CVE-2010-1205

Published: 30 June 2010

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
chromium-browser
Launchpad, Ubuntu, Debian
Upstream
Released (5.0.375.99)
firefox
Launchpad, Ubuntu, Debian
Upstream Needs triage

libpng
Launchpad, Ubuntu, Debian
Upstream
Released (1.2.44,1.4.3)
thunderbird
Launchpad, Ubuntu, Debian
Upstream
Released (3.0.6)
xulrunner-1.9.2
Launchpad, Ubuntu, Debian
Upstream Needs triage