>> Libpng "png_decompress_chunk()" Chunk Name Handling Buffer Overflow Vulnerability
Title : Libpng "png_decompress_chunk()" Chunk Name Handling Buffer Overflow Vulnerability VUPEN ID : VUPEN/ADV-2006-2585 CVE ID : CVE-2006-3334
Rated as : High Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2006-06-28
Technical Description
A vulnerability has been identified in Libpng, which could be exploited by attackers to cause a denial of service or execute arbitrary commands. This flaw is due to a buffer overflow error in the "png_decompress_chunk()" [pngrutil.c] routine that does not validate the "chunk_name" before being copied into an insufficiently sized buffer, which could be exploited by attackers to crash an application linked against a vulnerable library or potentially execute arbitrary code via a specially crafted image.
