Integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed
Bug #934372 reported by
Zubin Mithra
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libpng (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Integer overflow in the libpng PNG library, which could lead to the execution
of arbitrary code if a malformed image is processed
The line,
png_charp text = png_malloc_
inside libpng/pngrutil.c needs to be checked for truncation and integer overflow.
CVE-2011-3026.
CVE References
To post a comment you must log in.
Thanks for using Ubuntu and reporting a bug. This is already fixed in 1.2.46-3ubuntu2 in Ubuntu 12.04 and the stable releases of Ubuntu in http:// www.ubuntu. com/usn/ usn-1367- 1/.