English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75516 CVE descriptions
and 39786 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.63612
Category:Gentoo Local Security Checks
Title:Gentoo Security Advisory GLSA 200903-28 (libpng)
Summary:Gentoo Security Advisory GLSA 200903-28 (libpng)
Description:The remote host is missing updates announced in
advisory GLSA 200903-28.

Multiple vulnerabilities were found in libpng, which might result in the
execution of arbitrary code

Solution:
All libpng users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/libpng-1.2.35'

http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-28
http://bugs.gentoo.org/show_bug.cgi?id=244808
http://bugs.gentoo.org/show_bug.cgi?id=255231
http://bugs.gentoo.org/show_bug.cgi?id=259578
Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2008-5907
http://openwall.com/lists/oss-security/2009/01/09/1
http://sourceforge.net/mailarchive/forum.php?thread_name=4B6F0239C13D0245820603C036D180BC79FBAA%40CABOTUKEXCH01.cabot.local&forum_name=png-mng-implement
Debian Security Information: DSA-1750 (Google Search)
http://www.debian.org/security/2009/dsa-1750
http://security.gentoo.org/glsa/glsa-200903-28.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:051
SuSE Security Announcement: SUSE-SR:2009:003 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
http://secunia.com/advisories/34320
http://secunia.com/advisories/34388
XForce ISS Database: libpng-pngcheckkeyword-memory-corruption(48128)
http://xforce.iss.net/xforce/xfdb/48128
Common Vulnerability Exposure (CVE) ID: CVE-2008-6218
Bugtraq: 20090312 rPSA-2009-0046-1 libpng (Google Search)
http://www.securityfocus.com/archive/1/archive/1/501767/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2010:133
BugTraq ID: 31920
http://www.securityfocus.com/bid/31920
http://secunia.com/advisories/34265
http://www.vupen.com/english/advisories/2008/2917
http://www.securitytracker.com/id?1021104
http://secunia.com/advisories/32418
http://www.vupen.com/english/advisories/2010/1837
XForce ISS Database: libpng-pnghandletext-dos(46115)
http://xforce.iss.net/xforce/xfdb/46115
Common Vulnerability Exposure (CVE) ID: CVE-2009-0040
Bugtraq: 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues (Google Search)
http://www.securityfocus.com/archive/1/archive/1/503912/100/0/threaded
Bugtraq: 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server (Google Search)
http://www.securityfocus.com/archive/1/archive/1/505990/100/0/threaded
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com
http://lists.vmware.com/pipermail/security-announce/2009/000062.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
Debian Security Information: DSA-1830 (Google Search)
http://www.debian.org/security/2009/dsa-1830
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
http://security.gentoo.org/glsa/glsa-201209-25.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
http://www.redhat.com/support/errata/RHSA-2009-0315.html
http://www.redhat.com/support/errata/RHSA-2009-0325.html
http://www.redhat.com/support/errata/RHSA-2009-0333.html
http://www.redhat.com/support/errata/RHSA-2009-0340.html
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
SuSE Security Announcement: SUSE-SR:2009:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
SuSE Security Announcement: SUSE-SA:2009:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
SuSE Security Announcement: SUSE-SA:2009:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
Cert/CC Advisory: TA09-218A
http://www.us-cert.gov/cas/techalerts/TA09-218A.html
CERT/CC vulnerability note: VU#649212
http://www.kb.cert.org/vuls/id/649212
BugTraq ID: 33827
http://www.securityfocus.com/bid/33827
BugTraq ID: 33990
http://www.securityfocus.com/bid/33990
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10316
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6458
http://secunia.com/advisories/34145
http://secunia.com/advisories/34210
http://secunia.com/advisories/34272
http://secunia.com/advisories/34324
http://secunia.com/advisories/34462
http://secunia.com/advisories/34464
http://secunia.com/advisories/35074
http://secunia.com/advisories/35258
http://secunia.com/advisories/35302
http://secunia.com/advisories/35379
http://secunia.com/advisories/35386
http://secunia.com/advisories/36096
http://secunia.com/advisories/34137
http://secunia.com/advisories/34140
http://secunia.com/advisories/34143
http://secunia.com/advisories/34152
http://www.vupen.com/english/advisories/2009/0469
http://www.vupen.com/english/advisories/2009/0473
http://secunia.com/advisories/33970
http://secunia.com/advisories/33976
http://www.vupen.com/english/advisories/2009/0632
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1451
http://www.vupen.com/english/advisories/2009/1462
http://www.vupen.com/english/advisories/2009/1522
http://www.vupen.com/english/advisories/2009/1560
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2009/2172
XForce ISS Database: libpng-pointer-arrays-code-execution(48819)
http://xforce.iss.net/xforce/xfdb/48819
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

This is only one of 39786 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.