The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apple
  • Mac Os X
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Fedoraproject
  • Fedora
Libpng
  • Libpng
Opensuse
  • Opensuse
Redhat
  • Enterprise Linux
Suse
  • Linux Enterprise Server

Configuration 1 [-]

OR cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*
cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 3
libpng-2:1.2.2-30 cpe:/o:redhat:enterprise_linux:3 RHSA-2010:0534 2010-07-14T00:00:00Z
libpng10-0:1.0.13-21 cpe:/o:redhat:enterprise_linux:3 RHSA-2010:0534 2010-07-14T00:00:00Z
Red Hat Enterprise Linux 4
libpng-2:1.2.7-3.el4_8.3 cpe:/o:redhat:enterprise_linux:4 RHSA-2010:0534 2010-07-14T00:00:00Z
libpng10-0:1.0.16-3.el4_8.4 cpe:/o:redhat:enterprise_linux:4 RHSA-2010:0534 2010-07-14T00:00:00Z
Red Hat Enterprise Linux 5
libpng-2:1.2.10-7.1.el5_5.3 cpe:/o:redhat:enterprise_linux:5 RHSA-2010:0534 2010-07-14T00:00:00Z
References
Link Providers
http://libpng.sourceforge.net/ADVISORY-1.4.1.html cve-icon cve-icon
http://libpng.sourceforge.net/decompression_bombs.html cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037237.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037355.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037364.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037607.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html cve-icon cve-icon
http://lists.vmware.com/pipermail/security-announce/2010/000105.html cve-icon cve-icon
http://osvdb.org/62670 cve-icon cve-icon
http://secunia.com/advisories/38774 cve-icon cve-icon
http://secunia.com/advisories/39251 cve-icon cve-icon
http://secunia.com/advisories/41574 cve-icon cve-icon
http://support.apple.com/kb/HT4435 cve-icon cve-icon
http://ubuntu.com/usn/usn-913-1 cve-icon cve-icon
http://www.debian.org/security/2010/dsa-2032 cve-icon cve-icon
http://www.kb.cert.org/vuls/id/576029 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:063 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2010:064 cve-icon cve-icon
http://www.securityfocus.com/bid/38478 cve-icon cve-icon
http://www.securitytracker.com/id?1023674 cve-icon cve-icon
http://www.vmware.com/security/advisories/VMSA-2010-0014.html cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0517 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0605 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0626 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0637 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0667 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0682 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0686 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/0847 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/1107 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/2491 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/56661 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-0205 cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-0205 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2010-03-03T19:00:00

Updated: 2024-08-07T00:37:54.124Z

Reserved: 2010-01-06T00:00:00

Link: CVE-2010-0205

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2010-03-03T19:30:00.493

Modified: 2020-08-07T13:26:06.807

Link: CVE-2010-0205

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-03-01T00:00:00Z

Links: CVE-2010-0205 - Bugzilla