Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Libpng Multiple Function Denial of Service Vulnerabilities

Title : Fedora Security Update Fixes Libpng Multiple Function Denial of Service Vulnerabilities
VUPEN ID : VUPEN/ADV-2007-1929
CVE ID : CVE-2006-5793 - CVE-2007-2445
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-05-24

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Two vulnerabilities have been identified in Fedora, which could be exploited by attackers to cause a denial of service. These issues are caused by errors in Libpng. For additional information, see : VUPEN/ADV-2006-4521 - VUPEN/ADV-2007-1838

Affected Products

Fedora Core 5
Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

43313a4aa1a0f3bd6123bdd6d10c74dac4c0f971 SRPMS/libpng-1.2.8-3.fc5.src.rpm
43313a4aa1a0f3bd6123bdd6d10c74dac4c0f971 noarch/libpng-1.2.8-3.fc5.src.rpm
8f971f98ba3ec5bb23d37648790bfe5d969f4f9f ppc/debug/libpng-debuginfo-1.2.8-3.fc5.ppc.rpm
3c8a7d86940cfa67385020adbb443bbe947cee5d ppc/libpng-devel-1.2.8-3.fc5.ppc.rpm
d652d258676e6ba568886453dbcd17fcd59c82de ppc/libpng-1.2.8-3.fc5.ppc.rpm
38a61a110d2b9a43dc9084dfe28505bfc0ed7f11 x86_64/libpng-1.2.8-3.fc5.x86_64.rpm
349a992443fa18699816aba08888f731a2cfb9f5 x86_64/libpng-devel-1.2.8-3.fc5.x86_64.rpm
0a94b85e17fd05f7cc8a78180f21fb4d5619f2d9 x86_64/debug/libpng-debuginfo-1.2.8-3.fc5.x86_64.rpm
8cd6bf80c0bf84707f692bf98f27b79dd320fcb6 i386/libpng-devel-1.2.8-3.fc5.i386.rpm
aac487ce0e3b87d0fe532b915212fd36e5d73b49 i386/debug/libpng-debuginfo-1.2.8-3.fc5.i386.rpm
e08b6bcc57d7afdb3ba35bdbe11e502b5bc596d4 i386/libpng-1.2.8-3.fc5.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

34fada9e91ca73d6becb9a401125e0bb70861568 SRPMS/libpng-1.2.10-9.fc6.src.rpm
34fada9e91ca73d6becb9a401125e0bb70861568 noarch/libpng-1.2.10-9.fc6.src.rpm
3146e179f64145312801df7bc4a2c799c9fc60d4 ppc/debug/libpng-debuginfo-1.2.10-9.fc6.ppc.rpm
d23c50d2216b498baadd0c26173ab61e3975f620 ppc/libpng-1.2.10-9.fc6.ppc.rpm
358b6a6519773839725dd7b26a3d89543c927165 ppc/libpng-devel-1.2.10-9.fc6.ppc.rpm
f1624428116ca1fe02e0d59e3d27dc1ecfcffb0e x86_64/libpng-devel-1.2.10-9.fc6.x86_64.rpm
1dad10a249295a62ae5ead11d5b67c345717a428 x86_64/libpng-1.2.10-9.fc6.x86_64.rpm
7f7da096b28dae824fdfdb8b27dad4f5087ecd56 x86_64/debug/libpng-debuginfo-1.2.10-9.fc6.x86_64.rpm
1e0bdeeaf5124ce62c00dd5813a585e037da2500 i386/libpng-devel-1.2.10-9.fc6.i386.rpm
d38f59aabda59b586c2944a9020ba15d51a74060 i386/libpng-1.2.10-9.fc6.i386.rpm
cd9e0d94d20fc0cc151fcd5232735e8c8d970f66 i386/debug/libpng-debuginfo-1.2.10-9.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1929
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00046.html
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00047.html

ChangeLog

2007-05-24 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy