CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
5.6 | $0-$5k | 0.00 |
A vulnerability was found in libpng up to 1.3 (Image Processing Software). It has been declared as problematic. This vulnerability affects an unknown code of the file pngrutil.c. The manipulation with an unknown input leads to a resource management vulnerability. The CWE definition for the vulnerability is CWE-399. As an impact it is known to affect availability. CVE summarizes:
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
The weakness was published 06/30/2010 as Bug 608644 as not defined bug report (Bugzilla). The advisory is available at bugzilla.redhat.com. This vulnerability was named CVE-2010-2249 since 06/09/2010. The exploitation appears to be easy. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Technical details and also a public exploit are known.
A public exploit has been developed in ANSI C. It is possible to download the exploit at securityfocus.com. It is declared as proof-of-concept. The vulnerability scanner Nessus provides a plugin with the ID 47741 (CentOS 3 / 4 / 5 : libpng / libpng10 (CESA-2010:0534)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CentOS Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 119009 (Apple iTunes Prior to 10.2 Multiple Vulnerabilities (APPLE-SA-2011-03-02-1)).
Upgrading to version 1.4 eliminates this vulnerability.
The vulnerability is also documented in the databases at X-Force (59816) and Tenable (47741). Similar entries are available at 4312, 4400, 4429 and 51881.
Product
Type
Name
Version
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.6
VulDB Base Score: 5.3
VulDB Temp Score: 4.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.5
NVD Vector: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Resource managementCWE: CWE-399 / CWE-404
ATT&CK: Unknown
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Programming Language: 🔍
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 47741
Nessus Name: CentOS 3 / 4 / 5 : libpng / libpng10 (CESA-2010:0534)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 67828
OpenVAS Name: Debian Security Advisory DSA 2072-1 (libpng)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: libpng 1.4
Timeline
06/09/2010 🔍06/25/2010 🔍
06/28/2010 🔍
06/30/2010 🔍
06/30/2010 🔍
07/16/2010 🔍
11/22/2010 🔍
03/19/2015 🔍
01/28/2016 🔍
09/19/2021 🔍
Sources
Advisory: Bug 608644Status: Not defined
Confirmation: 🔍
CVE: CVE-2010-2249 (🔍)
OVAL: 🔍
X-Force: 59816
SecurityTracker: 1024723
Vulnerability Center: 56240 - Libpng Prior to 1.2.44 and 1.4-1.4.2 Memory Leak Remote DoS Vulnerability via PNG Image with sCAL, Medium
SecurityFocus: 41174 - libpng Memory Corruption and Memory Leak Vulnerabilities
Secunia: 40302 - libpng Two Vulnerabilities, Moderately Critical
Vupen: ADV-2010-1612
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 03/19/2015 12:22Updated: 09/19/2021 00:48
Changes: 03/19/2015 12:22 (69), 07/22/2018 10:14 (18), 09/19/2021 00:48 (13)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.