CVE-2008-5907

Vulnerability Description

The png_check_keyword function in pngwutil.c in libpng before 1.0.42, and 1.2.x before 1.2.34, might allow context-dependent attackers to set the value of an arbitrary memory location to zero via vectors involving creation of crafted PNG files with keywords, related to an implicit cast of the '\0' character constant to a NULL pointer. NOTE: some sources incorrectly report this as a double free vulnerability.

CVSS Score

Affected Products

References

• http://libpng.sourceforge.net/index.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.htmlThird Party Advisory
• http://openwall.com/lists/oss-security/2009/01/09/1Mailing ListThird Party Advisory
• http://secunia.com/advisories/34320Third Party Advisory
• http://secunia.com/advisories/34388Third Party Advisory
• http://security.gentoo.org/glsa/glsa-200903-28.xmlThird Party Advisory
• http://sourceforge.net/mailarchive/forum.php?thread_name=4B6F0239C13D0245820603CThird Party Advisory
• http://www.debian.org/security/2009/dsa-1750Third Party Advisory
• http://www.mandriva.com/security/advisories?name=MDVSA-2009:051Third Party Advisory
• https://exchange.xforce.ibmcloud.com/vulnerabilities/48128Third Party AdvisoryVDB Entry
• http://libpng.sourceforge.net/index.htmlThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.htmlThird Party Advisory
• http://openwall.com/lists/oss-security/2009/01/09/1Mailing ListThird Party Advisory
• http://secunia.com/advisories/34320Third Party Advisory
• http://secunia.com/advisories/34388Third Party Advisory