Category:   Application (Multimedia)  >   libpng
Vendors:   libpng.sourceforge.net
(Apple Issues Fix) libpng Memory Access Violation When Creating Error Messages May Cause Denial of Service Conditions
SecurityTracker Alert ID:  1010912
SecurityTracker URL:  http://securitytracker.com/id/1010912
CVE Reference:   CAN-2004-0421
Date:  Aug 10 2004
Impact:   Denial of service via network
Fix Available:  Yes
Vendor Confirmed:  Yes

Description:   A vulnerability was reported in libpng. A remote user can create a PNG image that, when processed by libpng, may cause denial of service conditions.

Mandrake reported that when libpng creates an error message, libpng may access invalid memory locations. As a result, an application using libpng may crash or core dump when processing certain PNG images, the report said.

Steve Grubb is credited with discovering this flaw.

Impact:   A remote user can create a malformed PNG image that, when processed by an application using libpng, may cause the application to crash. The specific impact depends on the application using libpng.

Solution:   Apple has released a fix for Mac OS X as part of Security Update 2004-08-09, available via the Software Update pane in System Preferences or Apple's Software Downloads web site at:

http://www.apple.com/support/downloads/

For Mac OS X v10.3.4 "Panther" and Mac OS X Server v10.3.4:

Click on: Security Update 2004-08-09 (10.3.4)
The download file is named: "SecUpd2004-08-09Pan.dmg"
Its SHA-1 digest is: f65ee21e4ca2990aafbb3e5a34469107de2eefb8

For Mac OS X v10.2.8 "Jaguar" and Mac OS X Server v10.2.8:

Click on: Security Update 2004-08-09 (10.2.8)
The download file is named: "SecUpd2004-08-09Jag.dmg"
Its SHA-1 digest is: 6a7edb319c321320fd756e910a6cf0ce1537c1aa
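
As an added example (not part of the SecurityTracker entry or Apple's advisory), the Python below parses the file name and SHA-1 digest pairs as they are worded in the advisory and checks a downloaded image against them. The function names and the demo file contents are constructed for illustration.

```python
import hashlib
import hmac
import re
import tempfile
from pathlib import Path

# Name/digest lines copied from the Solution text above.
ADVISORY = '''\
The download file is named: "SecUpd2004-08-09Pan.dmg"
Its SHA-1 digest is: f65ee21e4ca2990aafbb3e5a34469107de2eefb8
The download file is named: "SecUpd2004-08-09Jag.dmg"
Its SHA-1 digest is: 6a7edb319c321320fd756e910a6cf0ce1537c1aa
'''

# A name line immediately followed by its digest line; names with path
# separators are rejected so a crafted advisory cannot point elsewhere.
PAIR_RE = re.compile(
    r'The download file is named:\s*"([^"/\\]+)"\s*\n'
    r'Its SHA-1 digest is:\s*([0-9a-fA-F]{40})\b')

def parse_digests(text):
    """Return {file name: lowercase SHA-1 hex} for each name/digest pair."""
    return {name: digest.lower() for name, digest in PAIR_RE.findall(text)}

def sha1_of(path, chunk=1 << 20):
    """Stream the file so a large disk image is not read into memory."""
    h = hashlib.sha1()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def verify(path, expected):
    """Return 'ok', 'mismatch' or 'unlisted' for a downloaded file."""
    want = expected.get(Path(path).name)
    if want is None:
        return "unlisted"
    return "ok" if hmac.compare_digest(sha1_of(path), want) else "mismatch"

def demo():
    """Constructed stand-in file; its own digest is computed here."""
    with tempfile.TemporaryDirectory() as d:
        p = Path(d) / "SecUpd2004-08-09Pan.dmg"
        p.write_bytes(b"constructed sample, not the real update")
        published = verify(p, parse_digests(ADVISORY))
        matching = verify(p, {p.name: sha1_of(p)})
        other = verify(Path(d) / "other.dmg", parse_digests(ADVISORY))
    return published, matching, other
```

A digest check only ties the file to the advisory text it was read from; the authenticity of that text rests on the PGP signature of the source message.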

Vendor URL:  www.libpng.org/pub/png/libpng.html
Cause:   Access control error, Resource error
Underlying OS:   UNIX (OS X)

Message History:   This archive entry is a follow-up to the message listed below.
Apr 30 2004 libpng Memory Access Violation When Creating Error Messages May Cause Denial of Service Conditions



 Source Message Contents

Date:  Mon, 9 Aug 2004 16:20:37 -0700
Subject:  APPLE-SA-2004-08-09 Security Update 2004-08-09


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

APPLE-SA-2004-09-09 Security Update 2004-08-09

Security Update 2004-08-09 is now available and delivers security
enhancements for the following system versions:
*  Mac OS X v10.3.4 "Panther"
*  Mac OS X Server v10.3.4 "Panther"
*  Mac OS X v10.2.8 "Jaguar"
*  Mac OS X Server v10.2.8 "Jaguar"

The following components are updated:

Component:  libpng (Portable Network Graphics)
CVE-IDs:    CAN-2002-1363, CAN-2004-0421, CAN-2004-0597,
CAN-2004-0598, CAN-2004-0599

Impact:  Malicious png images can cause application crashes and could
execute arbitrary code

Description:  A number of buffer overflows, null pointer dereferences
and integer overflows have been discovered in the reference library
for reading and writing PNG images. These vulnerabilities have been
corrected in libpng which is used by the CoreGraphics and AppKit
frameworks in Mac OS X.  After installing this update, applications
that use the PNG image format via these frameworks will be protected
against these flaws.

================================================

Security Update 2004-08-09 may be obtained from the Software Update
pane in System Preferences, or Apple's Software Downloads web site:

For Mac OS X v10.3.4 "Panther" and Mac OS X Server v10.3.4
==========================================================
http://www.apple.com/support/downloads/
Click on: Security Update 2004-08-09 (10.3.4)
The download file is named: "SecUpd2004-08-09Pan.dmg"
Its SHA-1 digest is:  f65ee21e4ca2990aafbb3e5a34469107de2eefb8

For Mac OS X v10.2.8 "Jaguar" and Mac OS X Server v10.2.8
=========================================================
http://www.apple.com/support/downloads/
Click on: Security Update 2004-08-09 (10.2.8)
The download file is named: "SecUpd2004-08-09Jag.dmg"
Its SHA-1 digest is:  6a7edb319c321320fd756e910a6cf0ce1537c1aa

Information will also be posted to the Apple Product Security
web site:
http://www.apple.com/support/security/security_updates.html

This message is signed with Apple's Product Security PGP key,
and details are available at:
http://www.apple.com/support/security/security_pgp.html

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | security-announce@lists.apple.com
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.


 
 



Copyright 2014, SecurityGlobal.net LLC