[Bug 504782] libpng: Interlaced Images Information Disclosure Vulnerability
bugzilla at redhat.com
bugzilla at redhat.com
Tue Jun 9 16:14:27 UTC 2009
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=504782
--- Comment #8 from Tomas Hoger <thoger at redhat.com> 2009-06-09 12:14:26 EDT ---
(In reply to comment #7)
> Calling this a security issue seems like a bit of a stretch.
Yeah, that was reaction too, when seeing upstream announcement.
> You can only read portions of individual bytes, you can't control very
> well which bytes those are, and the whole thing depends on the
> application's display code being seriously buggy (i.e. showing garbage
> pixels on the right side of an image).
I believe applications displaying images using libpng were not really assumed
attack vector, as those can only show those leaked bytes to the user running
application, so that case is non-issue. I guess they may have assumed some
automated image processing (such as image conversion using ImageMagick's
convert, or CUPS printing) as a vector, though even without checking if any
such application can return leaked bytes in some output attacker can see and
use, the leak seem rather limited, not easily predictable and not too likely to
yield any valuable data.
Have you already looked into what application must do wrong to process those
garbage pixels at all?
--
Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the mingw
mailing list