SecuritySpace - CVE-2009-5063

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2009-5063

Description: Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2009-5063
http://security.gentoo.org/glsa/glsa-201206-15.xml
http://www.openwall.com/lists/oss-security/2011/03/22/7
http://www.openwall.com/lists/oss-security/2011/03/28/6
http://secunia.com/advisories/49660

CVE ID:	CVE-2009-5063
Description:	Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a JPEG image containing an iCCP chunk with a negative embedded profile length. NOTE: this is due to an incomplete fix for CVE-2006-7244.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2009-5063 http://security.gentoo.org/glsa/glsa-201206-15.xml http://www.openwall.com/lists/oss-security/2011/03/22/7 http://www.openwall.com/lists/oss-security/2011/03/28/6 http://secunia.com/advisories/49660