Vulnerability Details CVE-2010-0205
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.081
EPSS Ranking 91.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://libpng.sourceforge.net/ADVISORY-1.4.1.html
- http://libpng.sourceforge.net/decompression_bombs.html
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037237.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037355.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037364.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037607.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://lists.vmware.com/pipermail/security-announce/2010/000105.html
- http://osvdb.org/62670
- http://secunia.com/advisories/38774
- http://secunia.com/advisories/39251
- http://secunia.com/advisories/41574
- http://support.apple.com/kb/HT4435
- http://ubuntu.com/usn/usn-913-1
- http://www.debian.org/security/2010/dsa-2032
- http://www.kb.cert.org/vuls/id/576029
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:063
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:064
- http://www.securityfocus.com/bid/38478
- http://www.securitytracker.com/id?1023674
- http://www.vmware.com/security/advisories/VMSA-2010-0014.html
- http://www.vupen.com/english/advisories/2010/0517
- http://www.vupen.com/english/advisories/2010/0605
- http://www.vupen.com/english/advisories/2010/0626
- http://www.vupen.com/english/advisories/2010/0637
- http://www.vupen.com/english/advisories/2010/0667
- http://www.vupen.com/english/advisories/2010/0682
- http://www.vupen.com/english/advisories/2010/0686
- http://www.vupen.com/english/advisories/2010/0847
- http://www.vupen.com/english/advisories/2010/1107
- http://www.vupen.com/english/advisories/2010/2491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56661
- http://libpng.sourceforge.net/ADVISORY-1.4.1.html
- http://libpng.sourceforge.net/decompression_bombs.html
- http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037237.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037355.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037364.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-March/037607.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
- http://lists.vmware.com/pipermail/security-announce/2010/000105.html
- http://osvdb.org/62670
- http://secunia.com/advisories/38774
- http://secunia.com/advisories/39251
- http://secunia.com/advisories/41574
- http://support.apple.com/kb/HT4435
- http://ubuntu.com/usn/usn-913-1
- http://www.debian.org/security/2010/dsa-2032
- http://www.kb.cert.org/vuls/id/576029
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:063
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:064
- http://www.securityfocus.com/bid/38478
- http://www.securitytracker.com/id?1023674
- http://www.vmware.com/security/advisories/VMSA-2010-0014.html
- http://www.vupen.com/english/advisories/2010/0517
- http://www.vupen.com/english/advisories/2010/0605
- http://www.vupen.com/english/advisories/2010/0626
- http://www.vupen.com/english/advisories/2010/0637
- http://www.vupen.com/english/advisories/2010/0667
- http://www.vupen.com/english/advisories/2010/0682
- http://www.vupen.com/english/advisories/2010/0686
- http://www.vupen.com/english/advisories/2010/0847
- http://www.vupen.com/english/advisories/2010/1107
- http://www.vupen.com/english/advisories/2010/2491
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56661
Products affected by CVE-2010-0205
-
cpe:2.3:a:libpng:libpng:1.0.0
-
cpe:2.3:a:libpng:libpng:1.0.0a
-
cpe:2.3:a:libpng:libpng:1.0.0b
-
cpe:2.3:a:libpng:libpng:1.0.1
-
cpe:2.3:a:libpng:libpng:1.0.10
-
cpe:2.3:a:libpng:libpng:1.0.11
-
cpe:2.3:a:libpng:libpng:1.0.12
-
cpe:2.3:a:libpng:libpng:1.0.13
-
cpe:2.3:a:libpng:libpng:1.0.14
-
cpe:2.3:a:libpng:libpng:1.0.15
-
cpe:2.3:a:libpng:libpng:1.0.16
-
cpe:2.3:a:libpng:libpng:1.0.17
-
cpe:2.3:a:libpng:libpng:1.0.18
-
cpe:2.3:a:libpng:libpng:1.0.19
-
cpe:2.3:a:libpng:libpng:1.0.1a
-
cpe:2.3:a:libpng:libpng:1.0.1b
-
cpe:2.3:a:libpng:libpng:1.0.1c
-
cpe:2.3:a:libpng:libpng:1.0.1d
-
cpe:2.3:a:libpng:libpng:1.0.1e
-
cpe:2.3:a:libpng:libpng:1.0.2
-
cpe:2.3:a:libpng:libpng:1.0.20
-
cpe:2.3:a:libpng:libpng:1.0.21
-
cpe:2.3:a:libpng:libpng:1.0.22
-
cpe:2.3:a:libpng:libpng:1.0.23
-
cpe:2.3:a:libpng:libpng:1.0.24
-
cpe:2.3:a:libpng:libpng:1.0.25
-
cpe:2.3:a:libpng:libpng:1.0.26
-
cpe:2.3:a:libpng:libpng:1.0.27
-
cpe:2.3:a:libpng:libpng:1.0.28
-
cpe:2.3:a:libpng:libpng:1.0.29
-
cpe:2.3:a:libpng:libpng:1.0.2a
-
cpe:2.3:a:libpng:libpng:1.0.3
-
cpe:2.3:a:libpng:libpng:1.0.30
-
cpe:2.3:a:libpng:libpng:1.0.31
-
cpe:2.3:a:libpng:libpng:1.0.32
-
cpe:2.3:a:libpng:libpng:1.0.33
-
cpe:2.3:a:libpng:libpng:1.0.34
-
cpe:2.3:a:libpng:libpng:1.0.35
-
cpe:2.3:a:libpng:libpng:1.0.37
-
cpe:2.3:a:libpng:libpng:1.0.38
-
cpe:2.3:a:libpng:libpng:1.0.39
-
cpe:2.3:a:libpng:libpng:1.0.3a
-
cpe:2.3:a:libpng:libpng:1.0.3b
-
cpe:2.3:a:libpng:libpng:1.0.3d
-
cpe:2.3:a:libpng:libpng:1.0.4
-
cpe:2.3:a:libpng:libpng:1.0.40
-
cpe:2.3:a:libpng:libpng:1.0.41
-
cpe:2.3:a:libpng:libpng:1.0.42
-
cpe:2.3:a:libpng:libpng:1.0.43
-
cpe:2.3:a:libpng:libpng:1.0.44
-
cpe:2.3:a:libpng:libpng:1.0.45
-
cpe:2.3:a:libpng:libpng:1.0.46
-
cpe:2.3:a:libpng:libpng:1.0.47
-
cpe:2.3:a:libpng:libpng:1.0.48
-
cpe:2.3:a:libpng:libpng:1.0.4a
-
cpe:2.3:a:libpng:libpng:1.0.4b
-
cpe:2.3:a:libpng:libpng:1.0.4c
-
cpe:2.3:a:libpng:libpng:1.0.4d
-
cpe:2.3:a:libpng:libpng:1.0.4e
-
cpe:2.3:a:libpng:libpng:1.0.4f
-
cpe:2.3:a:libpng:libpng:1.0.5
-
cpe:2.3:a:libpng:libpng:1.0.50
-
cpe:2.3:a:libpng:libpng:1.0.51
-
cpe:2.3:a:libpng:libpng:1.0.52
-
cpe:2.3:a:libpng:libpng:1.0.5a
-
cpe:2.3:a:libpng:libpng:1.0.5b
-
cpe:2.3:a:libpng:libpng:1.0.5c
-
cpe:2.3:a:libpng:libpng:1.0.5d
-
cpe:2.3:a:libpng:libpng:1.0.5e
-
cpe:2.3:a:libpng:libpng:1.0.5f
-
cpe:2.3:a:libpng:libpng:1.0.5g
-
cpe:2.3:a:libpng:libpng:1.0.5h
-
cpe:2.3:a:libpng:libpng:1.0.5i
-
cpe:2.3:a:libpng:libpng:1.0.5j
-
cpe:2.3:a:libpng:libpng:1.0.5k
-
cpe:2.3:a:libpng:libpng:1.0.5l
-
cpe:2.3:a:libpng:libpng:1.0.5m
-
cpe:2.3:a:libpng:libpng:1.0.5n
-
cpe:2.3:a:libpng:libpng:1.0.5o
-
cpe:2.3:a:libpng:libpng:1.0.5p
-
cpe:2.3:a:libpng:libpng:1.0.5q
-
cpe:2.3:a:libpng:libpng:1.0.5r
-
cpe:2.3:a:libpng:libpng:1.0.5s
-
cpe:2.3:a:libpng:libpng:1.0.5t
-
cpe:2.3:a:libpng:libpng:1.0.5u
-
cpe:2.3:a:libpng:libpng:1.0.5v
-
cpe:2.3:a:libpng:libpng:1.0.6
-
cpe:2.3:a:libpng:libpng:1.0.6d
-
cpe:2.3:a:libpng:libpng:1.0.6e
-
cpe:2.3:a:libpng:libpng:1.0.6f
-
cpe:2.3:a:libpng:libpng:1.0.6g
-
cpe:2.3:a:libpng:libpng:1.0.6h
-
cpe:2.3:a:libpng:libpng:1.0.6i
-
cpe:2.3:a:libpng:libpng:1.0.6j
-
cpe:2.3:a:libpng:libpng:1.0.7
-
cpe:2.3:a:libpng:libpng:1.0.8
-
cpe:2.3:a:libpng:libpng:1.0.9
-
cpe:2.3:a:libpng:libpng:1.2.0
-
cpe:2.3:a:libpng:libpng:1.2.1
-
cpe:2.3:a:libpng:libpng:1.2.10
-
cpe:2.3:a:libpng:libpng:1.2.11
-
cpe:2.3:a:libpng:libpng:1.2.12
-
cpe:2.3:a:libpng:libpng:1.2.13
-
cpe:2.3:a:libpng:libpng:1.2.14
-
cpe:2.3:a:libpng:libpng:1.2.15
-
cpe:2.3:a:libpng:libpng:1.2.16
-
cpe:2.3:a:libpng:libpng:1.2.17
-
cpe:2.3:a:libpng:libpng:1.2.18
-
cpe:2.3:a:libpng:libpng:1.2.19
-
cpe:2.3:a:libpng:libpng:1.2.2
-
cpe:2.3:a:libpng:libpng:1.2.20
-
cpe:2.3:a:libpng:libpng:1.2.21
-
cpe:2.3:a:libpng:libpng:1.2.22
-
cpe:2.3:a:libpng:libpng:1.2.23
-
cpe:2.3:a:libpng:libpng:1.2.24
-
cpe:2.3:a:libpng:libpng:1.2.25
-
cpe:2.3:a:libpng:libpng:1.2.26
-
cpe:2.3:a:libpng:libpng:1.2.27
-
cpe:2.3:a:libpng:libpng:1.2.28
-
cpe:2.3:a:libpng:libpng:1.2.29
-
cpe:2.3:a:libpng:libpng:1.2.3
-
cpe:2.3:a:libpng:libpng:1.2.30
-
cpe:2.3:a:libpng:libpng:1.2.31
-
cpe:2.3:a:libpng:libpng:1.2.32
-
cpe:2.3:a:libpng:libpng:1.2.33
-
cpe:2.3:a:libpng:libpng:1.2.34
-
cpe:2.3:a:libpng:libpng:1.2.35
-
cpe:2.3:a:libpng:libpng:1.2.36
-
cpe:2.3:a:libpng:libpng:1.2.37
-
cpe:2.3:a:libpng:libpng:1.2.38
-
cpe:2.3:a:libpng:libpng:1.2.39
-
cpe:2.3:a:libpng:libpng:1.2.4
-
cpe:2.3:a:libpng:libpng:1.2.40
-
cpe:2.3:a:libpng:libpng:1.2.41
-
cpe:2.3:a:libpng:libpng:1.2.42
-
cpe:2.3:a:libpng:libpng:1.2.5
-
cpe:2.3:a:libpng:libpng:1.2.6
-
cpe:2.3:a:libpng:libpng:1.2.7
-
cpe:2.3:a:libpng:libpng:1.2.8
-
cpe:2.3:a:libpng:libpng:1.2.9
-
cpe:2.3:a:libpng:libpng:1.4.0
-
cpe:2.3:o:apple:mac_os_x:-
-
cpe:2.3:o:apple:mac_os_x:10.0
-
cpe:2.3:o:apple:mac_os_x:10.0.0
-
cpe:2.3:o:apple:mac_os_x:10.0.1
-
cpe:2.3:o:apple:mac_os_x:10.0.2
-
cpe:2.3:o:apple:mac_os_x:10.0.3
-
cpe:2.3:o:apple:mac_os_x:10.0.4
-
cpe:2.3:o:apple:mac_os_x:10.1
-
cpe:2.3:o:apple:mac_os_x:10.1.0
-
cpe:2.3:o:apple:mac_os_x:10.1.1
-
cpe:2.3:o:apple:mac_os_x:10.1.2
-
cpe:2.3:o:apple:mac_os_x:10.1.3
-
cpe:2.3:o:apple:mac_os_x:10.1.4
-
cpe:2.3:o:apple:mac_os_x:10.1.5
-
cpe:2.3:o:apple:mac_os_x:10.2
-
cpe:2.3:o:apple:mac_os_x:10.2.0
-
cpe:2.3:o:apple:mac_os_x:10.2.1
-
cpe:2.3:o:apple:mac_os_x:10.2.2
-
cpe:2.3:o:apple:mac_os_x:10.2.3
-
cpe:2.3:o:apple:mac_os_x:10.2.4
-
cpe:2.3:o:apple:mac_os_x:10.2.5
-
cpe:2.3:o:apple:mac_os_x:10.2.6
-
cpe:2.3:o:apple:mac_os_x:10.2.7
-
cpe:2.3:o:apple:mac_os_x:10.2.8
-
cpe:2.3:o:apple:mac_os_x:10.3
-
cpe:2.3:o:apple:mac_os_x:10.3.0
-
cpe:2.3:o:apple:mac_os_x:10.3.1
-
cpe:2.3:o:apple:mac_os_x:10.3.2
-
cpe:2.3:o:apple:mac_os_x:10.3.3
-
cpe:2.3:o:apple:mac_os_x:10.3.4
-
cpe:2.3:o:apple:mac_os_x:10.3.5
-
cpe:2.3:o:apple:mac_os_x:10.3.6
-
cpe:2.3:o:apple:mac_os_x:10.3.7
-
cpe:2.3:o:apple:mac_os_x:10.3.8
-
cpe:2.3:o:apple:mac_os_x:10.3.9
-
cpe:2.3:o:apple:mac_os_x:10.4
-
cpe:2.3:o:apple:mac_os_x:10.4.0
-
cpe:2.3:o:apple:mac_os_x:10.4.1
-
cpe:2.3:o:apple:mac_os_x:10.4.10
-
cpe:2.3:o:apple:mac_os_x:10.4.11
-
cpe:2.3:o:apple:mac_os_x:10.4.2
-
cpe:2.3:o:apple:mac_os_x:10.4.3
-
cpe:2.3:o:apple:mac_os_x:10.4.4
-
cpe:2.3:o:apple:mac_os_x:10.4.5
-
cpe:2.3:o:apple:mac_os_x:10.4.6
-
cpe:2.3:o:apple:mac_os_x:10.4.7
-
cpe:2.3:o:apple:mac_os_x:10.4.8
-
cpe:2.3:o:apple:mac_os_x:10.4.9
-
cpe:2.3:o:apple:mac_os_x:10.5
-
cpe:2.3:o:apple:mac_os_x:10.5.0
-
cpe:2.3:o:apple:mac_os_x:10.5.1
-
cpe:2.3:o:apple:mac_os_x:10.5.2
-
cpe:2.3:o:apple:mac_os_x:10.5.3
-
cpe:2.3:o:apple:mac_os_x:10.5.4
-
cpe:2.3:o:apple:mac_os_x:10.5.5
-
cpe:2.3:o:apple:mac_os_x:10.5.6
-
cpe:2.3:o:apple:mac_os_x:10.5.7
-
cpe:2.3:o:apple:mac_os_x:10.5.8
-
cpe:2.3:o:apple:mac_os_x:10.6.0
-
cpe:2.3:o:apple:mac_os_x:10.6.1
-
cpe:2.3:o:apple:mac_os_x:10.6.2
-
cpe:2.3:o:apple:mac_os_x:10.6.3
-
cpe:2.3:o:apple:mac_os_x:10.6.4
-
cpe:2.3:o:canonical:ubuntu_linux:6.06
-
cpe:2.3:o:canonical:ubuntu_linux:8.04
-
cpe:2.3:o:canonical:ubuntu_linux:8.10
-
cpe:2.3:o:canonical:ubuntu_linux:9.04
-
cpe:2.3:o:canonical:ubuntu_linux:9.10
-
cpe:2.3:o:debian:debian_linux:5.0
-
cpe:2.3:o:debian:debian_linux:6.0
-
cpe:2.3:o:fedoraproject:fedora:11
-
cpe:2.3:o:fedoraproject:fedora:12
-
cpe:2.3:o:fedoraproject:fedora:13
-
cpe:2.3:o:opensuse:opensuse:11.0
-
cpe:2.3:o:opensuse:opensuse:11.1
-
cpe:2.3:o:opensuse:opensuse:11.2
-
cpe:2.3:o:suse:linux_enterprise_server:10
-
cpe:2.3:o:suse:linux_enterprise_server:11
-
cpe:2.3:o:suse:linux_enterprise_server:9