Summary
The remote host is missing an update to libpng10
announced via advisory FEDORA-2009-2045.
Solution
Apply the appropriate updates.
This update can be installed with the yum update program. Use su -c 'yum update libpng10' at the command line.
For more information, refer to Managing Software with yum, available at http://docs.fedoraproject.org/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2045
Insight
Update Information:
This release fixes a vulnerability in which some arrays of pointers are not initialized prior to using malloc to define the pointers. If the application runs out of memory while executing the allocation loop (which can be forced by malevolent input), libpng10 will jump to a cleanup process that attempts to free all of the pointers, including the undefined ones. This issue has been assigned CVE-2009-0040
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-1382, CVE-2009-0040 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities