Debian Security Advisory DSA 2410-1 (libpng) Network Vulnerability

Summary

The remote host is missing an update to libpng announced via advisory DSA 2410-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202410-1

Insight

Jueri Aedla discovered an integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed. For the stable distribution (squeeze), this problem has been fixed in version 1.2.44-1+squeeze2. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your libpng packages.

Severity

Classification

CVE CVE-2011-3026

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 061-1 (gnupg)
Debian Security Advisory DSA 1008-1 (kdegraphics)
Debian Security Advisory DSA 028-1 (man-db)
Debian Security Advisory DSA 1018-2 (kernel-source-2.4.27)
Debian Security Advisory DSA 1011-1 (kernel-patch-vserver, util-vserver)

Take action and discover your vulnerabilities