CVE-2008-1382 – libpng unknown chunk handling flaw

https://notcve.org/view.php?id=CVE-2008-1382

libpng 1.0.6 through 1.0.32, 1.2.0 through 1.2.26, and 1.4.0beta01 through 1.4.0beta19 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG file with zero length "unknown" chunks, which trigger an access of uninitialized memory. libpng versions de la 1.0.6 hasta la 1.0.32, 1.2.0 hasta la 1.2.26 y 1.4.0beta01 hasta la 1.4.0beta19, permiten a atacantes dependientes del contexto provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de un archivo PNG con fragmentos desconocidos de longitud cero, lo que dispara un acceso de memoria no inicializada. • http://libpng.sourceforge.net/Advisory-1.2.26.txt http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html http://lists.apple.com/archives/security-announce/2009/May/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00011.html http://secunia.com/advisories/29678 http://secunia.com/advisories/29792 http://secunia.com/advisories/29957 http://secunia.com/advisories/29992 http://secunia.com/advisories/30009 http://secunia.com/advisories/301 • CWE-189: Numeric Errors •