CentOS Update For Libpng10 CESA-2011:1103 Centos4 X86_64 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

The libpng packages contain a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2692) Users of libpng and libpng10 should upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications using libpng or libpng10 must be restarted for the update to take effect.

Affected

libpng10 on CentOS 4

References

http://lists.centos.org/pipermail/centos-announce/2011-August/017668.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-2692

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

CentOS Security Advisory CESA-2009:0373 (systemtap)
CentOS Security Advisory CESA-2009:1528 (samba)
CentOS Update for acpid CESA-2009:1642 centos5 i386
CentOS Update for 389-ds-base CESA-2014:0292 centos6
CentOS Update for apache CESA-2008:0004-01 centos2 i386

CentOS Update for libpng10 CESA-2011:1103 centos4 x86_64

Take action and discover your vulnerabilities