ByteOS Network

CVE Vulnerability Details :

CVE-2010-2249

PUBLISHED

More Info Official Page

Assigner-redhat

Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749

Published At-30 Jun, 2010 | 18:00

Updated At-07 Aug, 2024 | 02:25

▼CVE Numbering Authority (CNA)

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=MDVSA-2010:133	vendor-advisory x_refsource_MANDRIVA
http://www.vmware.com/security/advisories/VMSA-2010-0014.html	x_refsource_CONFIRM
http://www.securityfocus.com/bid/41174	vdb-entry x_refsource_BID
http://www.vupen.com/english/advisories/2010/1877	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/3045	vdb-entry x_refsource_VUPEN
http://www.securitytracker.com/id?1024723	vdb-entry x_refsource_SECTRACK
http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/1837	vdb-entry x_refsource_VUPEN
http://support.apple.com/kb/HT4457	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/1755	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/3046	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/40472	third-party-advisory x_refsource_SECUNIA
http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=608644	x_refsource_CONFIRM
http://secunia.com/advisories/40302	third-party-advisory x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory x_refsource_APPLE
http://secunia.com/advisories/40336	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/59816	vdb-entry x_refsource_XF
http://secunia.com/advisories/41574	third-party-advisory x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-960-1	vendor-advisory x_refsource_UBUNTU
http://www.libpng.org/pub/png/libpng.html	x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	vendor-advisory x_refsource_APPLE
http://secunia.com/advisories/42317	third-party-advisory x_refsource_SECUNIA
http://lists.vmware.com/pipermail/security-announce/2010/000105.html	mailing-list x_refsource_MLIST
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html	vendor-advisory x_refsource_FEDORA
http://www.debian.org/security/2010/dsa-2072	vendor-advisory x_refsource_DEBIAN
http://secunia.com/advisories/40547	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/42314	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/1637	vdb-entry x_refsource_VUPEN
http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	vendor-advisory x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	vendor-advisory x_refsource_APPLE
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061	vendor-advisory x_refsource_SLACKWARE
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html	vendor-advisory x_refsource_FEDORA
http://support.apple.com/kb/HT4456	x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/2491	vdb-entry x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/1846	vdb-entry x_refsource_VUPEN
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	vendor-advisory x_refsource_APPLE
http://www.vupen.com/english/advisories/2010/1612	vdb-entry x_refsource_VUPEN

Hyperlink: http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:133

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.vmware.com/security/advisories/VMSA-2010-0014.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.securityfocus.com/bid/41174

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.vupen.com/english/advisories/2010/1877

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2010/3045

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.securitytracker.com/id?1024723

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://support.apple.com/kb/HT4435

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2010/1837

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://support.apple.com/kb/HT4457

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2010/1755

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2010/3046

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/40472

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://support.apple.com/kb/HT4566

Resource:

x_refsource_CONFIRM

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=608644

Resource:

x_refsource_CONFIRM

Hyperlink: http://secunia.com/advisories/40302

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://secunia.com/advisories/40336

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/59816

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://secunia.com/advisories/41574

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.ubuntu.com/usn/USN-960-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://www.libpng.org/pub/png/libpng.html

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://secunia.com/advisories/42317

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000105.html

Resource:

mailing-list

x_refsource_MLIST

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.debian.org/security/2010/dsa-2072

Resource:

vendor-advisory

x_refsource_DEBIAN

Hyperlink: http://secunia.com/advisories/40547

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/42314

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2010/1637

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://support.apple.com/kb/HT4554

Resource:

x_refsource_CONFIRM

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061

Resource:

vendor-advisory

x_refsource_SLACKWARE

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://support.apple.com/kb/HT4456

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.vupen.com/english/advisories/2010/2491

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://www.vupen.com/english/advisories/2010/1846

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

Hyperlink: http://www.vupen.com/english/advisories/2010/1612

Resource:

vdb-entry

x_refsource_VUPEN

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20	x_refsource_CONFIRM x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2010:133	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.vmware.com/security/advisories/VMSA-2010-0014.html	x_refsource_CONFIRM x_transferred
http://www.securityfocus.com/bid/41174	vdb-entry x_refsource_BID x_transferred
http://www.vupen.com/english/advisories/2010/1877	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2010/3045	vdb-entry x_refsource_VUPEN x_transferred
http://www.securitytracker.com/id?1024723	vdb-entry x_refsource_SECTRACK x_transferred
http://support.apple.com/kb/HT4435	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2010/1837	vdb-entry x_refsource_VUPEN x_transferred
http://support.apple.com/kb/HT4457	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2010/1755	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2010/3046	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/40472	third-party-advisory x_refsource_SECUNIA x_transferred
http://support.apple.com/kb/HT4566	x_refsource_CONFIRM x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=608644	x_refsource_CONFIRM x_transferred
http://secunia.com/advisories/40302	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory x_refsource_APPLE x_transferred
http://secunia.com/advisories/40336	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/59816	vdb-entry x_refsource_XF x_transferred
http://secunia.com/advisories/41574	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.ubuntu.com/usn/USN-960-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://www.libpng.org/pub/png/libpng.html	x_refsource_CONFIRM x_transferred
http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	vendor-advisory x_refsource_APPLE x_transferred
http://secunia.com/advisories/42317	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.vmware.com/pipermail/security-announce/2010/000105.html	mailing-list x_refsource_MLIST x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.debian.org/security/2010/dsa-2072	vendor-advisory x_refsource_DEBIAN x_transferred
http://secunia.com/advisories/40547	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/42314	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2010/1637	vdb-entry x_refsource_VUPEN x_transferred
http://support.apple.com/kb/HT4554	x_refsource_CONFIRM x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	vendor-advisory x_refsource_SUSE x_transferred
http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	vendor-advisory x_refsource_APPLE x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061	vendor-advisory x_refsource_SLACKWARE x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html	vendor-advisory x_refsource_FEDORA x_transferred
http://support.apple.com/kb/HT4456	x_refsource_CONFIRM x_transferred
http://www.vupen.com/english/advisories/2010/2491	vdb-entry x_refsource_VUPEN x_transferred
http://www.vupen.com/english/advisories/2010/1846	vdb-entry x_refsource_VUPEN x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	vendor-advisory x_refsource_APPLE x_transferred
http://www.vupen.com/english/advisories/2010/1612	vdb-entry x_refsource_VUPEN x_transferred

Hyperlink: http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2010:133

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.vmware.com/security/advisories/VMSA-2010-0014.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.securityfocus.com/bid/41174

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1877

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/3045

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.securitytracker.com/id?1024723

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://support.apple.com/kb/HT4435

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1837

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://support.apple.com/kb/HT4457

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1755

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/3046

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/40472

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://support.apple.com/kb/HT4566

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=608644

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://secunia.com/advisories/40302

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://secunia.com/advisories/40336

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/59816

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://secunia.com/advisories/41574

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.ubuntu.com/usn/USN-960-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://www.libpng.org/pub/png/libpng.html

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://secunia.com/advisories/42317

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.vmware.com/pipermail/security-announce/2010/000105.html

Resource:

mailing-list

x_refsource_MLIST

x_transferred

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://www.debian.org/security/2010/dsa-2072

Resource:

vendor-advisory

x_refsource_DEBIAN

x_transferred

Hyperlink: http://secunia.com/advisories/40547

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/42314

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1637

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://support.apple.com/kb/HT4554

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061

Resource:

vendor-advisory

x_refsource_SLACKWARE

x_transferred

Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://support.apple.com/kb/HT4456

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/2491

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1846

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

Resource:

vendor-advisory

x_refsource_APPLE

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2010/1612

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References