[Bug 1086514] New: CVE-2013-7353 Integer overflow leading to a heap-based buffer overflow in png_set_unknown_chunks()
bugzilla at redhat.com
bugzilla at redhat.com
Fri Apr 11 03:53:57 UTC 2014
https://bugzilla.redhat.com/show_bug.cgi?id=1086514
Bug ID: 1086514
Summary: CVE-2013-7353 Integer overflow leading to a heap-based
buffer overflow in png_set_unknown_chunks()
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team at redhat.com
Reporter: huzaifas at redhat.com
CC: drizt at land.ru, erik-fedora at vanpienbroek.nl,
fedora-mingw at lists.fedoraproject.org,
jkoncick at redhat.com, jkurik at redhat.com,
ktietz at redhat.com, lfarkas at lfarkas.org,
pfrields at redhat.com, phracek at redhat.com,
rjones at redhat.com
An integer overflow leading to a heap-based buffer overflow was found in the
png_set_unknown_chunks() API function of libpng. A attacker could create a
specially-crafated image file and render it with an application written to
explicitly call png_set_unknown_chunks() function, could cause libpng to crash
or execute arbitrary code with the permissions of the user running such an
application.
The vendor mentions that internal calls use safe values. These issues could
potentially affect applications that use the libpng API. Apparently no such
applications were identified.
Reference:
http://sourceforge.net/p/libpng/bugs/199/
http://seclists.org/oss-sec/2014/q2/83
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=70jisqeWxf&a=cc_unsubscribe
More information about the mingw
mailing list