HTTP: libpng Image Rows Parsing Memory Corruption Remote Code Execution
This signature detects attempts to exploit a known vulnerability against the libpng library. A successful attack can lead to arbitrary code execution.
Extended Description
The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.
Affected Products
Apple iphone,Apple itunes
Short Name
HTTP:STC:IMG:LIBPNG-ROWS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-1205 Code Corruption Execution Image Memory Parsing Remote Rows bid:41174 libpng
Release Date
08/15/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3373
False Positive
Unknown
Vendors
Red_hat
Blue_coat_systems
Research_in_motion
Suse
Apple
Gentoo
Sun
Mozilla
Avaya
Mandriva
Pardus
Slackware
Ubuntu
Libpng
Debian
Vmware
CVSS Score
7.5