Vulnerability-Lookup

CVE-2010-2249 (GCVE-0-2010-2249)

Vulnerability from cvelistv5 – Published: 2010-06-30 18:00 – Updated: 2024-08-07 02:25

Summary

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://libpng.git.sourceforge.net/git/gitweb.cgi?…	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.vmware.com/security/advisories/VMSA-20…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/41174	vdb-entryx_refsource_BID
	http://www.vupen.com/english/advisories/2010/1877	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3045	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1024723	vdb-entryx_refsource_SECTRACK
	http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/1837	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT4457	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/1755	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3046	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/40472	third-party-advisoryx_refsource_SECUNIA
	http://support.apple.com/kb/HT4566	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=608644	x_refsource_CONFIRM
	http://secunia.com/advisories/40302	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/40336	third-party-advisoryx_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/41574	third-party-advisoryx_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-960-1	vendor-advisoryx_refsource_UBUNTU
	http://www.libpng.org/pub/png/libpng.html	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/42317	third-party-advisoryx_refsource_SECUNIA
	http://lists.vmware.com/pipermail/security-announ…	mailing-listx_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.debian.org/security/2010/dsa-2072	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/40547	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/42314	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1637	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT4554	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://slackware.com/security/viewer.php?l=slackw…	vendor-advisoryx_refsource_SLACKWARE
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://support.apple.com/kb/HT4456	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/2491	vdb-entryx_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/1846	vdb-entryx_refsource_VUPEN
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://www.vupen.com/english/advisories/2010/1612	vdb-entryx_refsource_VUPEN

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:25:07.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
          },
          {
            "name": "MDVSA-2010:133",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
          },
          {
            "name": "41174",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/41174"
          },
          {
            "name": "ADV-2010-1877",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1877"
          },
          {
            "name": "ADV-2010-3045",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3045"
          },
          {
            "name": "1024723",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024723"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "ADV-2010-1837",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1837"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4457"
          },
          {
            "name": "ADV-2010-1755",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1755"
          },
          {
            "name": "ADV-2010-3046",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3046"
          },
          {
            "name": "40472",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40472"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
          },
          {
            "name": "40302",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40302"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "40336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40336"
          },
          {
            "name": "libpng-scal-dos(59816)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
          },
          {
            "name": "41574",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41574"
          },
          {
            "name": "USN-960-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-960-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "name": "APPLE-SA-2011-03-02-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "42317",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42317"
          },
          {
            "name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
          },
          {
            "name": "FEDORA-2010-10823",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
          },
          {
            "name": "DSA-2072",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2072"
          },
          {
            "name": "40547",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/40547"
          },
          {
            "name": "42314",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42314"
          },
          {
            "name": "ADV-2010-1637",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1637"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "SUSE-SR:2010:017",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "name": "APPLE-SA-2011-03-09-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "SSA:2010-180-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
          },
          {
            "name": "FEDORA-2010-10833",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4456"
          },
          {
            "name": "ADV-2010-2491",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2491"
          },
          {
            "name": "ADV-2010-1846",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1846"
          },
          {
            "name": "APPLE-SA-2010-11-22-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
          },
          {
            "name": "ADV-2010-1612",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1612"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
        },
        {
          "name": "MDVSA-2010:133",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
        },
        {
          "name": "41174",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/41174"
        },
        {
          "name": "ADV-2010-1877",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1877"
        },
        {
          "name": "ADV-2010-3045",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3045"
        },
        {
          "name": "1024723",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024723"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4435"
        },
        {
          "name": "ADV-2010-1837",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1837"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4457"
        },
        {
          "name": "ADV-2010-1755",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1755"
        },
        {
          "name": "ADV-2010-3046",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3046"
        },
        {
          "name": "40472",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40472"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4566"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
        },
        {
          "name": "40302",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40302"
        },
        {
          "name": "APPLE-SA-2010-11-10-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
        },
        {
          "name": "40336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40336"
        },
        {
          "name": "libpng-scal-dos(59816)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
        },
        {
          "name": "41574",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41574"
        },
        {
          "name": "USN-960-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-960-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.libpng.org/pub/png/libpng.html"
        },
        {
          "name": "APPLE-SA-2011-03-02-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
        },
        {
          "name": "42317",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42317"
        },
        {
          "name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
        },
        {
          "name": "FEDORA-2010-10823",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
        },
        {
          "name": "DSA-2072",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2072"
        },
        {
          "name": "40547",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/40547"
        },
        {
          "name": "42314",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42314"
        },
        {
          "name": "ADV-2010-1637",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1637"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4554"
        },
        {
          "name": "SUSE-SR:2010:017",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
        },
        {
          "name": "APPLE-SA-2011-03-09-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
        },
        {
          "name": "SSA:2010-180-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
        },
        {
          "name": "FEDORA-2010-10833",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4456"
        },
        {
          "name": "ADV-2010-2491",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2491"
        },
        {
          "name": "ADV-2010-1846",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1846"
        },
        {
          "name": "APPLE-SA-2010-11-22-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
        },
        {
          "name": "ADV-2010-1612",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1612"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-2249",
    "datePublished": "2010-06-30T18:00:00.000Z",
    "dateReserved": "2010-06-09T00:00:00.000Z",
    "dateUpdated": "2024-08-07T02:25:07.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2010-AVI-291

Vulnerability from certfr_avis - Published: 2010-06-28 - Updated: 2010-07-21

De multiples vulnérabilités dans la bibliothèque libpng permettent, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été identifiées dans la bibliothèque libpng. Leur exploitation permet à une personne malintentionnée d'exécuter du code arbitraire à distance, ou de provoquer un déni de service à distance (arrêt inopiné de l'application).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

libpng versions antérieures à 1.4.3 (branche 1.4.x) ;
libpng versions antérieures à 1.2.44 (bhttp://rhn.redhat.com/errata/RHSA-2010-0534.htmlranche 1.2.x).

Les applications utilisant cette bibliothèque peuvent être vulnérables.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Notes de version libpng	None	vendor-advisory
Bulletin de sécurité Debian DSA-2072 du 19 juillet 2010 :	-	other
Bulletin de sécurité RedHat RHSA-2010:0534-1 du 14 juillet 2010 :	-	other
Bulletin de sécurité Mandriva MDVSA-2010:133 du 15 juillet 2010 :	-	other
Bulletin de sécurité Ubuntu du 08 juillet 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003elibpng versions ant\u00e9rieures \u00e0 1.4.3 (branche 1.4.x) ;\u003c/LI\u003e    \u003cLI\u003elibpng versions ant\u00e9rieures \u00e0 1.2.44    (bhttp://rhn.redhat.com/errata/RHSA-2010-0534.htmlranche    1.2.x).\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes applications utilisant cette biblioth\u00e8que peuvent \u00eatre  vuln\u00e9rables.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans la biblioth\u00e8que\nlibpng. Leur exploitation permet \u00e0 une personne malintentionn\u00e9e\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance, ou de provoquer un d\u00e9ni de\nservice \u00e0 distance (arr\u00eat inopin\u00e9 de l\u0027application).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    }
  ],
  "initial_release_date": "2010-06-28T00:00:00",
  "last_revision_date": "2010-07-21T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-2072 du 19 juillet 2010 :",
      "url": "http://www.debian.org/security/2010/dsa-2072"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 RedHat RHSA-2010:0534-1 du 14 juillet    2010 :",
      "url": "http://rhn.redhat.com/errata/RHSA-2010-0534.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2010:133 du 15 juillet    2010 :",
      "url": "http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:133"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu du 08 juillet 2010 :",
      "url": "http://www.ubuntu.com/usn/usn-960-1"
    }
  ],
  "reference": "CERTA-2010-AVI-291",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-06-28T00:00:00.000000"
    },
    {
      "description": "ajout d\u0027une r\u00e9f\u00e9rence CVE ;",
      "revision_date": "2010-06-30T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 RedHat ;",
      "revision_date": "2010-07-15T00:00:00.000000"
    },
    {
      "description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 Debian et Ubuntu ;",
      "revision_date": "2010-07-20T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Mandriva.",
      "revision_date": "2010-07-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans la biblioth\u00e8que libpng permettent,\nentre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans libpng",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Notes de version libpng",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    }
  ]
}

CERTA-2010-AVI-548

Vulnerability from certfr_avis - Published: 2010-11-12 - Updated: 2010-11-12

De nombreuses vulnérabilités ont été découvertes dans le système d'exploitation Mac OS X. Leur exploitation permet, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Mac OS X. Notamment :

AFP Server ;
AppKit ;
ATS ;
CFNetwork ;
CoreGraphics ;
CoreText ;
Directory Services ;
diskdev_cmds ;
Disk Images ;
Image Capture ;
ImageIO ;
Image RAW ;
Kernel ;
Networking ;
Password Server ;
Printing ;
QuickLook ;
QuickTime ;
Safari ;
Time Machine ;
Wiki Server ;
xar.

Cette mise à jour corrige également un grand nombre de vulnérabilités dans des logiciels inclus au système d'exploitation comme Apache, CUPS, Flash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.

Parmi les failles corrigées, certaines permettent l'exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Mac OS X Server 10.6.0 à 10.6.4.
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X 10.6.0 à 10.6.4 ;
N/A	N/A	Mac OS X Server 10.5.8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple 2010-007 du 11 novembre 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Mac OS X Server 10.6.0 \u00e0 10.6.4.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X 10.6.0 \u00e0 10.6.4 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Mac OS X Server 10.5.8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Mac OS X. Notamment :\n\n-   AFP Server ;\n-   AppKit ;\n-   ATS ;\n-   CFNetwork ;\n-   CoreGraphics ;\n-   CoreText ;\n-   Directory Services ;\n-   diskdev_cmds ;\n-   Disk Images ;\n-   Image Capture ;\n-   ImageIO ;\n-   Image RAW ;\n-   Kernel ;\n-   Networking ;\n-   Password Server ;\n-   Printing ;\n-   QuickLook ;\n-   QuickTime ;\n-   Safari ;\n-   Time Machine ;\n-   Wiki Server ;\n-   xar.\n\nCette mise \u00e0 jour corrige \u00e9galement un grand nombre de vuln\u00e9rabilit\u00e9s\ndans des logiciels inclus au syst\u00e8me d\u0027exploitation comme Apache, CUPS,\nFlash Player, gzip, MySQL, OpenLDAP, OpenSSL, PHP, python, X11.\n\nParmi les failles corrig\u00e9es, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-3793"
    },
    {
      "name": "CVE-2010-2167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2167"
    },
    {
      "name": "CVE-2010-2173",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2173"
    },
    {
      "name": "CVE-2010-3783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3783"
    },
    {
      "name": "CVE-2010-2163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2163"
    },
    {
      "name": "CVE-2010-3642",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3642"
    },
    {
      "name": "CVE-2009-4134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-4134"
    },
    {
      "name": "CVE-2010-1803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1803"
    },
    {
      "name": "CVE-2010-3788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3788"
    },
    {
      "name": "CVE-2010-3638",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3638"
    },
    {
      "name": "CVE-2010-1846",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1846"
    },
    {
      "name": "CVE-2010-2484",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2484"
    },
    {
      "name": "CVE-2010-3640",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3640"
    },
    {
      "name": "CVE-2010-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0434"
    },
    {
      "name": "CVE-2010-1834",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1834"
    },
    {
      "name": "CVE-2010-2499",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2499"
    },
    {
      "name": "CVE-2010-2519",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2519"
    },
    {
      "name": "CVE-2010-3646",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3646"
    },
    {
      "name": "CVE-2010-0211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0211"
    },
    {
      "name": "CVE-2010-2531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2531"
    },
    {
      "name": "CVE-2010-2170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2170"
    },
    {
      "name": "CVE-2010-3784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3784"
    },
    {
      "name": "CVE-2010-1840",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1840"
    },
    {
      "name": "CVE-2010-1845",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1845"
    },
    {
      "name": "CVE-2010-3639",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3639"
    },
    {
      "name": "CVE-2010-3654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3654"
    },
    {
      "name": "CVE-2010-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0205"
    },
    {
      "name": "CVE-2010-1752",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1752"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2010-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3643"
    },
    {
      "name": "CVE-2010-1849",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1849"
    },
    {
      "name": "CVE-2010-1842",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1842"
    },
    {
      "name": "CVE-2010-2176",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2176"
    },
    {
      "name": "CVE-2010-3650",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3650"
    },
    {
      "name": "CVE-2010-1378",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1378"
    },
    {
      "name": "CVE-2010-2497",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2497"
    },
    {
      "name": "CVE-2010-3798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3798"
    },
    {
      "name": "CVE-2010-2162",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2162"
    },
    {
      "name": "CVE-2009-2474",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2474"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2010-2172",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2172"
    },
    {
      "name": "CVE-2010-2181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2181"
    },
    {
      "name": "CVE-2010-3796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3796"
    },
    {
      "name": "CVE-2010-1850",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1850"
    },
    {
      "name": "CVE-2010-3795",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3795"
    },
    {
      "name": "CVE-2010-2160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2160"
    },
    {
      "name": "CVE-2010-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3786"
    },
    {
      "name": "CVE-2010-3644",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3644"
    },
    {
      "name": "CVE-2010-2179",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2179"
    },
    {
      "name": "CVE-2010-1831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1831"
    },
    {
      "name": "CVE-2010-3647",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3647"
    },
    {
      "name": "CVE-2010-3790",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3790"
    },
    {
      "name": "CVE-2010-2214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2214"
    },
    {
      "name": "CVE-2010-1450",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1450"
    },
    {
      "name": "CVE-2010-0408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0408"
    },
    {
      "name": "CVE-2010-2165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2165"
    },
    {
      "name": "CVE-2010-2171",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2171"
    },
    {
      "name": "CVE-2010-1844",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1844"
    },
    {
      "name": "CVE-2010-2498",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2498"
    },
    {
      "name": "CVE-2010-4010",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4010"
    },
    {
      "name": "CVE-2010-3793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3793"
    },
    {
      "name": "CVE-2010-0209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0209"
    },
    {
      "name": "CVE-2010-2182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2182"
    },
    {
      "name": "CVE-2010-3649",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3649"
    },
    {
      "name": "CVE-2010-1847",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1847"
    },
    {
      "name": "CVE-2010-1841",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1841"
    },
    {
      "name": "CVE-2010-2175",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2175"
    },
    {
      "name": "CVE-2010-2180",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2180"
    },
    {
      "name": "CVE-2010-1828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1828"
    },
    {
      "name": "CVE-2010-0397",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0397"
    },
    {
      "name": "CVE-2010-2520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2520"
    },
    {
      "name": "CVE-2008-4546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4546"
    },
    {
      "name": "CVE-2010-1297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1297"
    },
    {
      "name": "CVE-2010-2941",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2941"
    },
    {
      "name": "CVE-2010-2187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2187"
    },
    {
      "name": "CVE-2010-2164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2164"
    },
    {
      "name": "CVE-2010-2884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2884"
    },
    {
      "name": "CVE-2010-3636",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3636"
    },
    {
      "name": "CVE-2010-1836",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1836"
    },
    {
      "name": "CVE-2010-3794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3794"
    },
    {
      "name": "CVE-2010-2161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2161"
    },
    {
      "name": "CVE-2010-1843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1843"
    },
    {
      "name": "CVE-2010-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2808"
    },
    {
      "name": "CVE-2010-2215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2215"
    },
    {
      "name": "CVE-2010-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2805"
    },
    {
      "name": "CVE-2010-2178",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2178"
    },
    {
      "name": "CVE-2010-3787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3787"
    },
    {
      "name": "CVE-2010-1832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1832"
    },
    {
      "name": "CVE-2009-0946",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0946"
    },
    {
      "name": "CVE-2010-2177",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2177"
    },
    {
      "name": "CVE-2009-2473",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2473"
    },
    {
      "name": "CVE-2010-3053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3053"
    },
    {
      "name": "CVE-2010-3789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3789"
    },
    {
      "name": "CVE-2010-1829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1829"
    },
    {
      "name": "CVE-2010-2166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2166"
    },
    {
      "name": "CVE-2010-1848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1848"
    },
    {
      "name": "CVE-2010-3645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3645"
    },
    {
      "name": "CVE-2010-0212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0212"
    },
    {
      "name": "CVE-2010-3054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3054"
    },
    {
      "name": "CVE-2010-2184",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2184"
    },
    {
      "name": "CVE-2010-3648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3648"
    },
    {
      "name": "CVE-2010-3791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3791"
    },
    {
      "name": "CVE-2010-1449",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1449"
    },
    {
      "name": "CVE-2010-3976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3976"
    },
    {
      "name": "CVE-2010-3797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3797"
    },
    {
      "name": "CVE-2010-1830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1830"
    },
    {
      "name": "CVE-2010-3641",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3641"
    },
    {
      "name": "CVE-2010-2189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2189"
    },
    {
      "name": "CVE-2010-3792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3792"
    },
    {
      "name": "CVE-2010-2216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2216"
    },
    {
      "name": "CVE-2010-2174",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2174"
    },
    {
      "name": "CVE-2010-2169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2169"
    },
    {
      "name": "CVE-2010-1837",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1837"
    },
    {
      "name": "CVE-2010-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2806"
    },
    {
      "name": "CVE-2009-2624",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2624"
    },
    {
      "name": "CVE-2010-2188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2188"
    },
    {
      "name": "CVE-2010-2185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2185"
    },
    {
      "name": "CVE-2010-1833",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1833"
    },
    {
      "name": "CVE-2010-1811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1811"
    },
    {
      "name": "CVE-2010-2500",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2500"
    },
    {
      "name": "CVE-2010-2213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2213"
    },
    {
      "name": "CVE-2009-0796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-0796"
    },
    {
      "name": "CVE-2010-2186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2186"
    },
    {
      "name": "CVE-2010-1838",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1838"
    },
    {
      "name": "CVE-2010-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2807"
    },
    {
      "name": "CVE-2010-3785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3785"
    },
    {
      "name": "CVE-2010-2183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2183"
    },
    {
      "name": "CVE-2010-0105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0105"
    },
    {
      "name": "CVE-2010-0001",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0001"
    },
    {
      "name": "CVE-2010-3652",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3652"
    }
  ],
  "initial_release_date": "2010-11-12T00:00:00",
  "last_revision_date": "2010-11-12T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-548",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De nombreuses vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le syst\u00e8me\nd\u0027exploitation \u003cspan class=\"textit\"\u003eMac OS X\u003c/span\u003e. Leur exploitation\npermet, entre autres, l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple 2010-007 du 11 novembre 2010",
      "url": "http://support.apple.com/kb/HT4435"
    }
  ]
}

CERTA-2011-AVI-150

Vulnerability from certfr_avis - Published: 2011-03-11 - Updated: 2011-03-11

De multiples vulnérabilités permettant l'exécution de code arbitraire ont été corrigées dans Apple Safari.

Description

De multiples vulnérabilités ont été corrigées dans Apple Safari pour Microsoft Windows et Mac OS X. Celles-ci permettent l'exécution de code arbitraire à distance par l'intermédiaire d'une page Web spécialement conçue.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

La version 5.0.4 de Apple Safari corrige ces vulnérabilités. Cette nouvelle version integre une mise à jour de la libpng en version 1.4.3.

Apple Safari versions antérieures à 5.0.4.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4566 du 09 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eApple Safari versions ant\u00e9rieures \u00e0  5.0.4.\u003c/p\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari pour\nMicrosoft Windows et Mac OS X. Celles-ci permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance par l\u0027interm\u00e9diaire d\u0027une page Web sp\u00e9cialement\ncon\u00e7ue.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n\nLa version 5.0.4 de Apple Safari corrige ces vuln\u00e9rabilit\u00e9s. Cette\nnouvelle version integre une mise \u00e0 jour de la libpng en version 1.4.3.\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0163",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0163"
    },
    {
      "name": "CVE-2011-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0169"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0160",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0160"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0161",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0161"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2011-0166",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0166"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0167",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0167"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-11T00:00:00",
  "last_revision_date": "2011-03-11T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-150",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-11T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s permettant l\u0027ex\u00e9cution de code arbitraire\nont \u00e9t\u00e9 corrig\u00e9es dans Apple Safari.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple Safari",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4566 du 09 mars 2011",
      "url": "http://support.apple.com/kb/HT4566"
    }
  ]
}

CERTA-2011-AVI-134

Vulnerability from certfr_avis - Published: 2011-03-04 - Updated: 2011-03-04

Plusieurs vulnérabilités dans le lecteur multimédia iTunes d'Apple permettent à une personne distante malintentionnée de provoquer un déni de service ou d'exécuter du code arbitraire.

Description

De multiples vulnérabilités dans iTunes ont été corrigées. Un individu malveillant peut exploiter ces vulnérabilités afin de provoquer l'arrêt inoppinée de l'application ou d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

iTunes 10.2.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4554 du 02 mars 2011

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eiTunes 10.2.\u003c/P\u003e",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s dans iTunes ont \u00e9t\u00e9 corrig\u00e9es. Un individu\nmalveillant peut exploiter ces vuln\u00e9rabilit\u00e9s afin de provoquer l\u0027arr\u00eat\ninoppin\u00e9e de l\u0027application ou d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2011-0170",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0170"
    },
    {
      "name": "CVE-2011-0153",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0153"
    },
    {
      "name": "CVE-2011-0138",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0138"
    },
    {
      "name": "CVE-2011-0156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0156"
    },
    {
      "name": "CVE-2011-0192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0192"
    },
    {
      "name": "CVE-2011-0120",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0120"
    },
    {
      "name": "CVE-2011-0115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0115"
    },
    {
      "name": "CVE-2011-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0112"
    },
    {
      "name": "CVE-2011-0113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0113"
    },
    {
      "name": "CVE-2011-0140",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0140"
    },
    {
      "name": "CVE-2010-4494",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4494"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2011-0148",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0148"
    },
    {
      "name": "CVE-2011-0127",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0127"
    },
    {
      "name": "CVE-2011-0142",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0142"
    },
    {
      "name": "CVE-2011-0150",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0150"
    },
    {
      "name": "CVE-2011-0164",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0164"
    },
    {
      "name": "CVE-2011-0122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0122"
    },
    {
      "name": "CVE-2011-0118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0118"
    },
    {
      "name": "CVE-2011-0129",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0129"
    },
    {
      "name": "CVE-2011-0165",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0165"
    },
    {
      "name": "CVE-2011-0191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0191"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2011-0149",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0149"
    },
    {
      "name": "CVE-2011-0151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0151"
    },
    {
      "name": "CVE-2011-0126",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0126"
    },
    {
      "name": "CVE-2011-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0155"
    },
    {
      "name": "CVE-2011-0125",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0125"
    },
    {
      "name": "CVE-2011-0119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0119"
    },
    {
      "name": "CVE-2011-0123",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0123"
    },
    {
      "name": "CVE-2011-0145",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0145"
    },
    {
      "name": "CVE-2011-0121",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0121"
    },
    {
      "name": "CVE-2011-0128",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0128"
    },
    {
      "name": "CVE-2011-0141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0141"
    },
    {
      "name": "CVE-2011-0152",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0152"
    },
    {
      "name": "CVE-2011-0134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0134"
    },
    {
      "name": "CVE-2011-0114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0114"
    },
    {
      "name": "CVE-2011-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0135"
    },
    {
      "name": "CVE-2011-0124",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0124"
    },
    {
      "name": "CVE-2011-0132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0132"
    },
    {
      "name": "CVE-2011-0130",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0130"
    },
    {
      "name": "CVE-2011-0143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0143"
    },
    {
      "name": "CVE-2011-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0111"
    },
    {
      "name": "CVE-2011-0117",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0117"
    },
    {
      "name": "CVE-2011-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0154"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2011-0146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0146"
    },
    {
      "name": "CVE-2010-1824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1824"
    },
    {
      "name": "CVE-2011-0144",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0144"
    },
    {
      "name": "CVE-2011-0147",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0147"
    },
    {
      "name": "CVE-2011-0131",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0131"
    },
    {
      "name": "CVE-2011-0168",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0168"
    },
    {
      "name": "CVE-2011-0136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0136"
    },
    {
      "name": "CVE-2011-0133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0133"
    },
    {
      "name": "CVE-2011-0139",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0139"
    },
    {
      "name": "CVE-2011-0137",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0137"
    },
    {
      "name": "CVE-2011-0116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0116"
    }
  ],
  "initial_release_date": "2011-03-04T00:00:00",
  "last_revision_date": "2011-03-04T00:00:00",
  "links": [],
  "reference": "CERTA-2011-AVI-134",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2011-03-04T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s dans le lecteur multim\u00e9dia iTunes d\u0027Apple\npermettent \u00e0 une personne distante malintentionn\u00e9e de provoquer un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans iTunes",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4554 du 02 mars 2011",
      "url": "http://support.apple.com/kb/HT4554"
    }
  ]
}

CERTA-2010-AVI-565

Vulnerability from certfr_avis - Published: 2010-11-24 - Updated: 2010-11-24

De multiples vulnérabilités affectent Apple iOS. Certaines permettent l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été corrigées dans différents composants du système d'exploitation Apple iOS, notamment dans :

Configuration Profiles ;
CoreGraphics ;
FreeType ;
iAd Content Display ;
ImageIO ;
libxml ;
Mail ;
Networking ;
OfficeImport ;
Photos ;
Safari ;
Telephony ;
WebKit.

Parmi ces vulnérabilités, certaines permettent l'exécution de code arbitraire à distance, des dénis de service à distance ainsi que l'atteinte à la confidentialité des données sur les produits Apple embarquant le système d'exploitation iOS.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Apple iOS versions 4.1 et antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT4456 du 22 novembre 2010

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eApple iOS\u003c/SPAN\u003e  versions 4.1 et ant\u00e9rieures.",
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans diff\u00e9rents composants\ndu syst\u00e8me d\u0027exploitation Apple iOS, notamment dans :\n\n-   Configuration Profiles ;\n-   CoreGraphics ;\n-   FreeType ;\n-   iAd Content Display ;\n-   ImageIO ;\n-   libxml ;\n-   Mail ;\n-   Networking ;\n-   OfficeImport ;\n-   Photos ;\n-   Safari ;\n-   Telephony ;\n-   WebKit.\n\nParmi ces vuln\u00e9rabilit\u00e9s, certaines permettent l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance, des d\u00e9nis de service \u00e0 distance ainsi que\nl\u0027atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es sur les produits Apple\nembarquant le syst\u00e8me d\u0027exploitation iOS.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-1408",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1408"
    },
    {
      "name": "CVE-2010-1407",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1407"
    },
    {
      "name": "CVE-2010-1784",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1784"
    },
    {
      "name": "CVE-2010-1791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1791"
    },
    {
      "name": "CVE-2010-1782",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1782"
    },
    {
      "name": "CVE-2010-1387",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1387"
    },
    {
      "name": "CVE-2010-1822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1822"
    },
    {
      "name": "CVE-2010-3821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3821"
    },
    {
      "name": "CVE-2010-3824",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3824"
    },
    {
      "name": "CVE-2010-1418",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1418"
    },
    {
      "name": "CVE-2010-3832",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3832"
    },
    {
      "name": "CVE-2010-3819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3819"
    },
    {
      "name": "CVE-2010-3804",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3804"
    },
    {
      "name": "CVE-2010-1403",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1403"
    },
    {
      "name": "CVE-2010-1770",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1770"
    },
    {
      "name": "CVE-2010-3822",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3822"
    },
    {
      "name": "CVE-2010-3259",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3259"
    },
    {
      "name": "CVE-2010-1414",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1414"
    },
    {
      "name": "CVE-2010-3813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3813"
    },
    {
      "name": "CVE-2010-1807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1807"
    },
    {
      "name": "CVE-2010-3803",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3803"
    },
    {
      "name": "CVE-2010-3812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3812"
    },
    {
      "name": "CVE-2010-3831",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3831"
    },
    {
      "name": "CVE-2009-1707",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1707"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2010-1771",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1771"
    },
    {
      "name": "CVE-2010-3809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3809"
    },
    {
      "name": "CVE-2010-3820",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3820"
    },
    {
      "name": "CVE-2010-1813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1813"
    },
    {
      "name": "CVE-2010-0042",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0042"
    },
    {
      "name": "CVE-2010-3816",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3816"
    },
    {
      "name": "CVE-2010-1789",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1789"
    },
    {
      "name": "CVE-2010-1764",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1764"
    },
    {
      "name": "CVE-2010-1788",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1788"
    },
    {
      "name": "CVE-2010-3826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3826"
    },
    {
      "name": "CVE-2010-1410",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1410"
    },
    {
      "name": "CVE-2010-3810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3810"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2010-3830",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3830"
    },
    {
      "name": "CVE-2010-3786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3786"
    },
    {
      "name": "CVE-2010-1793",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1793"
    },
    {
      "name": "CVE-2010-1786",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1786"
    },
    {
      "name": "CVE-2010-0544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0544"
    },
    {
      "name": "CVE-2010-3829",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3829"
    },
    {
      "name": "CVE-2010-1785",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1785"
    },
    {
      "name": "CVE-2010-1783",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1783"
    },
    {
      "name": "CVE-2010-1416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1416"
    },
    {
      "name": "CVE-2010-3817",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3817"
    },
    {
      "name": "CVE-2010-3814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3814"
    },
    {
      "name": "CVE-2010-3808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3808"
    },
    {
      "name": "CVE-2010-1394",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1394"
    },
    {
      "name": "CVE-2010-3116",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3116"
    },
    {
      "name": "CVE-2010-1405",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1405"
    },
    {
      "name": "CVE-2010-3805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3805"
    },
    {
      "name": "CVE-2010-0051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0051"
    },
    {
      "name": "CVE-2010-1806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1806"
    },
    {
      "name": "CVE-2010-1757",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1757"
    },
    {
      "name": "CVE-2010-1422",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1422"
    },
    {
      "name": "CVE-2010-3828",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3828"
    },
    {
      "name": "CVE-2010-3827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3827"
    },
    {
      "name": "CVE-2010-1758",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1758"
    },
    {
      "name": "CVE-2010-1843",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1843"
    },
    {
      "name": "CVE-2010-2808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2808"
    },
    {
      "name": "CVE-2010-1781",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1781"
    },
    {
      "name": "CVE-2010-2805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2805"
    },
    {
      "name": "CVE-2010-3818",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3818"
    },
    {
      "name": "CVE-2010-1415",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1415"
    },
    {
      "name": "CVE-2010-3053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3053"
    },
    {
      "name": "CVE-2010-4008",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
    },
    {
      "name": "CVE-2010-3257",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3257"
    },
    {
      "name": "CVE-2010-3823",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3823"
    },
    {
      "name": "CVE-2010-3054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3054"
    },
    {
      "name": "CVE-2010-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1421"
    },
    {
      "name": "CVE-2010-1417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1417"
    },
    {
      "name": "CVE-2010-2806",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2806"
    },
    {
      "name": "CVE-2010-3811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3811"
    },
    {
      "name": "CVE-2010-1812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1812"
    },
    {
      "name": "CVE-2010-1811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1811"
    },
    {
      "name": "CVE-2010-1392",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1392"
    },
    {
      "name": "CVE-2010-1780",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1780"
    },
    {
      "name": "CVE-2010-1814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1814"
    },
    {
      "name": "CVE-2010-1815",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1815"
    },
    {
      "name": "CVE-2010-1787",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1787"
    },
    {
      "name": "CVE-2010-2807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2807"
    },
    {
      "name": "CVE-2010-1384",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1384"
    }
  ],
  "initial_release_date": "2010-11-24T00:00:00",
  "last_revision_date": "2010-11-24T00:00:00",
  "links": [],
  "reference": "CERTA-2010-AVI-565",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-11-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s affectent \u003cspan class=\"textit\"\u003eApple\niOS\u003c/span\u003e. Certaines permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Apple iOS",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT4456 du 22 novembre 2010",
      "url": "http://support.apple.com/kb/HT4456"
    }
  ]
}

CERTA-2010-AVI-457

Vulnerability from certfr_avis - Published: 2010-09-24 - Updated: 2010-09-24

De multiples vulnérabilités dans VMware Workstation, VMware Player et VMware ACE Management Server permettent, entre autres, l'exécution de code arbitraire à distance.

Description

De multiples vulnérabilités ont été identifiées dans les produits VMware. Leur exploitation permet, entre autres, à une personne malintentionnée d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
VMware	N/A	VMware Workstation versions 7.1.1 et antérieures ;
VMware	N/A	VMware Player versions 3.1.1 et antétieures ;
VMware	N/A	VMware ACE Management Server versions 2.7.1 et antérieures.

References

Title

Publication Time

Tags

Bulletin de sécurité VMware VMSA-2010-0014 du 23 septembre 2010	None	vendor-advisory
Bulletin de sécurité VMware VMSA-2010-0014 du 23 septembre 2010 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "VMware Workstation versions 7.1.1 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware Player versions 3.1.1 et ant\u00e9tieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    },
    {
      "description": "VMware ACE Management Server versions 2.7.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "VMware",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans les produits\nVMware. Leur exploitation permet, entre autres, \u00e0 une personne\nmalintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2010-0434",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0434"
    },
    {
      "name": "CVE-2010-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0205"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2010-0425",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0425"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2010-3277",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-3277"
    }
  ],
  "initial_release_date": "2010-09-24T00:00:00",
  "last_revision_date": "2010-09-24T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2010-0014 du 23 septembre    2010 :",
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
    }
  ],
  "reference": "CERTA-2010-AVI-457",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2010-09-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans VMware Workstation, VMware Player et\nVMware ACE Management Server permettent, entre autres, l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 VMware VMSA-2010-0014 du 23 septembre 2010",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-244

Vulnerability from certfr_avis - Published: 2014-05-27 - Updated: 2014-05-27

De multiples vulnérabilités ont été corrigées dans Oracle Solaris. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Solaris 8
Oracle	N/A	Solaris 11.1
Oracle	N/A	Solaris 9
Oracle	N/A	Solaris 10

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 22 mai 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Solaris 8",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 11.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 9",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Solaris 10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-4286",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4286"
    },
    {
      "name": "CVE-2013-0200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0200"
    },
    {
      "name": "CVE-2013-4590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4590"
    },
    {
      "name": "CVE-2013-6712",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6712"
    },
    {
      "name": "CVE-2013-6420",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6420"
    },
    {
      "name": "CVE-2013-1571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1571"
    },
    {
      "name": "CVE-2012-4037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4037"
    },
    {
      "name": "CVE-2006-4810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-4810"
    },
    {
      "name": "CVE-2013-4242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
    },
    {
      "name": "CVE-2010-0205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-0205"
    },
    {
      "name": "CVE-2010-2249",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-2249"
    },
    {
      "name": "CVE-2013-4248",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4248"
    },
    {
      "name": "CVE-2014-0098",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0098"
    },
    {
      "name": "CVE-2010-1205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2010-1205"
    },
    {
      "name": "CVE-2014-1943",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1943"
    },
    {
      "name": "CVE-2014-2281",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2281"
    },
    {
      "name": "CVE-2013-4496",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4496"
    },
    {
      "name": "CVE-2013-4322",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4322"
    },
    {
      "name": "CVE-2013-5211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5211"
    },
    {
      "name": "CVE-2014-0033",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0033"
    },
    {
      "name": "CVE-2014-0591",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0591"
    },
    {
      "name": "CVE-2012-3544",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3544"
    },
    {
      "name": "CVE-2014-2283",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2283"
    },
    {
      "name": "CVE-2013-6438",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-6438"
    },
    {
      "name": "CVE-2014-2270",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2270"
    },
    {
      "name": "CVE-2013-4238",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4238"
    },
    {
      "name": "CVE-2014-1912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1912"
    },
    {
      "name": "CVE-2014-2282",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2282"
    }
  ],
  "initial_release_date": "2014-05-27T00:00:00",
  "last_revision_date": "2014-05-27T00:00:00",
  "links": [],
  "reference": "CERTFR-2014-AVI-244",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Solaris\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par\nl\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Solaris",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 22 mai 2014",
      "url": "http://www.oracle.com/technetwork/topics/security/thirdparty-patch-map-1482893.html"
    }
  ]
}

GHSA-2R3R-854P-XJFR

Vulnerability from github – Published: 2022-05-13 01:23 – Updated: 2022-05-13 01:23

Details

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-2249"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-401"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-06-30T18:30:00Z",
    "severity": "MODERATE"
  },
  "details": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.",
  "id": "GHSA-2r3r-854p-xjfr",
  "modified": "2022-05-13T01:23:34Z",
  "published": "2022-05-13T01:23:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2249"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2010:0534"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2010-2249"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
    },
    {
      "type": "WEB",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
    },
    {
      "type": "WEB",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng;a=commitdiff;h=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40302"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40336"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40472"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/40547"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/41574"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42314"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42317"
    },
    {
      "type": "WEB",
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4456"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4457"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2010/dsa-2072"
    },
    {
      "type": "WEB",
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/41174"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024723"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-960-1"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1612"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1637"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1755"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1837"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1846"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/1877"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/2491"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/3045"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/3046"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

FKIE_CVE-2010-2249

Vulnerability from fkie_nvd - Published: 2010-06-30 18:30 - Updated: 2025-04-11 00:51

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
secalert@redhat.com	http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://lists.vmware.com/pipermail/security-announce/2010/000105.html	Mailing List, Third Party Advisory
secalert@redhat.com	http://secunia.com/advisories/40302	Broken Link
secalert@redhat.com	http://secunia.com/advisories/40336	Broken Link
secalert@redhat.com	http://secunia.com/advisories/40472	Broken Link
secalert@redhat.com	http://secunia.com/advisories/40547	Broken Link
secalert@redhat.com	http://secunia.com/advisories/41574	Broken Link
secalert@redhat.com	http://secunia.com/advisories/42314	Broken Link
secalert@redhat.com	http://secunia.com/advisories/42317	Broken Link
secalert@redhat.com	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061	Mailing List, Patch, Third Party Advisory
secalert@redhat.com	http://support.apple.com/kb/HT4435	Broken Link
secalert@redhat.com	http://support.apple.com/kb/HT4456	Third Party Advisory
secalert@redhat.com	http://support.apple.com/kb/HT4457	Third Party Advisory
secalert@redhat.com	http://support.apple.com/kb/HT4554	Third Party Advisory
secalert@redhat.com	http://support.apple.com/kb/HT4566	Broken Link
secalert@redhat.com	http://www.debian.org/security/2010/dsa-2072	Third Party Advisory
secalert@redhat.com	http://www.libpng.org/pub/png/libpng.html	Product, Vendor Advisory
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDVSA-2010:133	Broken Link
secalert@redhat.com	http://www.securityfocus.com/bid/41174	Patch, Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.securitytracker.com/id?1024723	Third Party Advisory, VDB Entry
secalert@redhat.com	http://www.ubuntu.com/usn/USN-960-1	Third Party Advisory
secalert@redhat.com	http://www.vmware.com/security/advisories/VMSA-2010-0014.html	Third Party Advisory
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1612	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1637	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1755	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1837	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1846	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/1877	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/2491	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/3045	Broken Link
secalert@redhat.com	http://www.vupen.com/english/advisories/2010/3046	Broken Link
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=608644	Issue Tracking, Patch, Third Party Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/59816	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.vmware.com/pipermail/security-announce/2010/000105.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40302	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40336	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40472	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/40547	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/41574	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42314	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42317	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061	Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4435	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4456	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4457	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4554	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT4566	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2010/dsa-2072	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.libpng.org/pub/png/libpng.html	Product, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2010:133	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/41174	Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024723	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-960-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/security/advisories/VMSA-2010-0014.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1612	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1637	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1755	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1837	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1846	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/1877	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/2491	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/3045	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/3046	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=608644	Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/59816	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
libpng	libpng	*
libpng	libpng	*
apple	itunes	*
apple	safari	*
apple	iphone_os	*
apple	tvos	*
fedoraproject	fedora	12
fedoraproject	fedora	13
opensuse	opensuse	11.1
opensuse	opensuse	11.2
suse	linux_enterprise_server	9
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
vmware	player	*
vmware	player	*
vmware	workstation	*
vmware	workstation	*
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	9.04
canonical	ubuntu_linux	9.10
canonical	ubuntu_linux	10.04
debian	debian_linux	5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A7768B8-2319-4AAF-B38E-A3B21A37B0FE",
              "versionEndExcluding": "1.2.44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "13C02A4C-7A19-4F0D-A192-C031833576D6",
              "versionEndExcluding": "1.4.3",
              "versionStartIncluding": "1.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE850901-4B2A-4C98-836A-40683CB02FB4",
              "versionEndExcluding": "10.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57A2B591-583F-4644-A900-4890FEFEE18C",
              "versionEndExcluding": "5.0.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D97C1BD-57D8-4131-B437-6BA9F41C8F50",
              "versionEndIncluding": "4.1",
              "versionStartIncluding": "2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "407115F2-CC65-448B-8133-D3D57AD306BA",
              "versionEndExcluding": "4.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
              "matchCriteriaId": "E44669D7-6C1E-4844-B78A-73E253A7CC17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2D59BD0-43DE-4E58-A057-640AB98359A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBF7B6A8-3DF9-46EC-A90E-6EF68C39F883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A01C8B7E-EB19-40EA-B1D2-9AE5EA536C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "25CBACD3-AFB7-410D-927F-0C1FF477D396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
              "matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "EE26596F-F10E-44EF-88CA-0080646E91B9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "926563F5-E868-4E88-A1F8-B29624FB2438",
              "versionEndExcluding": "2.5.5",
              "versionStartIncluding": "2.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01F27AB-A8F6-455B-9495-821520435771",
              "versionEndExcluding": "3.1.2",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "894BC4D6-EBB6-4743-A860-170D7D31196A",
              "versionEndExcluding": "6.5.5",
              "versionStartIncluding": "6.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D23900B-C027-44C5-B912-9F7F71C7EBD1",
              "versionEndExcluding": "7.1.2",
              "versionStartIncluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
              "matchCriteriaId": "454A5D17-B171-4F1F-9E0B-F18D1E5CA9FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0507E91-567A-41D6-A7E5-5088A39F75FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5D026D0-EF78-438D-BEDD-FC8571F3ACEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2BCB73E-27BB-4878-AD9C-90C4F20C25A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C757774-08E7-40AA-B532-6F705C8F7639",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
    },
    {
      "lang": "es",
      "value": "Fuga de memoria en pngrutil.c en libpng anteriores a v1.2.44 y v1.4.x anteriores a v.1.4.3, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de una imagen que contiene un troceado mal formado del Physical Scale (tambi\u00e9n conocido como sCAL)"
    }
  ],
  "id": "CVE-2010-2249",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2010-06-30T18:30:01.847",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40302"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40336"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40472"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40547"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41574"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/42314"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/42317"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4456"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4457"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2010/dsa-2072"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/41174"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024723"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-960-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1612"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1637"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1755"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1837"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1846"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1877"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2491"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/3045"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/3046"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40472"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/40547"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/41574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/42314"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/42317"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://support.apple.com/kb/HT4435"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4456"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4457"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT4554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://support.apple.com/kb/HT4566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2010/dsa-2072"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Vendor Advisory"
      ],
      "url": "http://www.libpng.org/pub/png/libpng.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/41174"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1024723"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-960-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1755"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1837"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1846"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/1877"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2491"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/3045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/3046"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2010-2249

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-2249

Aliases

CVE-2010-2249

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-2249",
    "description": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.",
    "id": "GSD-2010-2249",
    "references": [
      "https://www.suse.com/security/cve/CVE-2010-2249.html",
      "https://www.debian.org/security/2010/dsa-2072",
      "https://access.redhat.com/errata/RHSA-2010:0534",
      "https://linux.oracle.com/cve/CVE-2010-2249.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-2249"
      ],
      "details": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.",
      "id": "GSD-2010-2249",
      "modified": "2023-12-13T01:21:31.266796Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2010-2249",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "name": "http://support.apple.com/kb/HT4435",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "name": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html",
            "refsource": "MISC",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
          },
          {
            "name": "http://www.libpng.org/pub/png/libpng.html",
            "refsource": "MISC",
            "url": "http://www.libpng.org/pub/png/libpng.html"
          },
          {
            "name": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html",
            "refsource": "MISC",
            "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
          },
          {
            "name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
          },
          {
            "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20",
            "refsource": "MISC",
            "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
          },
          {
            "name": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html",
            "refsource": "MISC",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
          },
          {
            "name": "http://secunia.com/advisories/40302",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40302"
          },
          {
            "name": "http://secunia.com/advisories/40336",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40336"
          },
          {
            "name": "http://secunia.com/advisories/40472",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40472"
          },
          {
            "name": "http://secunia.com/advisories/40547",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/40547"
          },
          {
            "name": "http://secunia.com/advisories/41574",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/41574"
          },
          {
            "name": "http://secunia.com/advisories/42314",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42314"
          },
          {
            "name": "http://secunia.com/advisories/42317",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/42317"
          },
          {
            "name": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061",
            "refsource": "MISC",
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
          },
          {
            "name": "http://support.apple.com/kb/HT4456",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4456"
          },
          {
            "name": "http://support.apple.com/kb/HT4457",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4457"
          },
          {
            "name": "http://support.apple.com/kb/HT4554",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4554"
          },
          {
            "name": "http://support.apple.com/kb/HT4566",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT4566"
          },
          {
            "name": "http://www.debian.org/security/2010/dsa-2072",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2010/dsa-2072"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
          },
          {
            "name": "http://www.securityfocus.com/bid/41174",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/41174"
          },
          {
            "name": "http://www.securitytracker.com/id?1024723",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id?1024723"
          },
          {
            "name": "http://www.ubuntu.com/usn/USN-960-1",
            "refsource": "MISC",
            "url": "http://www.ubuntu.com/usn/USN-960-1"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1612",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1612"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1637",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1637"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1755",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1755"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1837",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1837"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1846",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1846"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/1877",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/1877"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/2491",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/2491"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/3045",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/3045"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2010/3046",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2010/3046"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608644",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,1.2.44),[1.4.0,1.4.3)",
          "affected_versions": "All versions before 1.2.44, all versions starting from 1.4.0 before 1.4.3",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-401",
            "CWE-937"
          ],
          "date": "2020-08-14",
          "description": "Memory leak in pngrutil.c in libpng , allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.",
          "fixed_versions": [
            "1.5.10.9"
          ],
          "identifier": "CVE-2010-2249",
          "identifiers": [
            "CVE-2010-2249"
          ],
          "not_impacted": "All versions starting from 1.2.44 before 1.4.0, all versions starting from 1.4.3",
          "package_slug": "nuget/libpng",
          "pubdate": "2010-06-30",
          "solution": "Upgrade to version 1.5.10.9 or above.",
          "title": "Missing Release of Memory after Effective Lifetime",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2010-2249"
          ],
          "uuid": "dce78044-67b9-49f7-90ed-6ba4ac8d422d"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.4.3",
                "versionStartIncluding": "1.4.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.2.44",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.0.4",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1",
                "versionStartIncluding": "2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "4.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.5.5",
                "versionStartIncluding": "2.5",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.5.5",
                "versionStartIncluding": "6.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:player:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "3.1.2",
                "versionStartIncluding": "3.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:vmware:workstation:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.1.2",
                "versionStartIncluding": "7.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2010-2249"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-401"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=608644",
              "refsource": "CONFIRM",
              "tags": [
                "Issue Tracking",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=608644"
            },
            {
              "name": "40302",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/40302"
            },
            {
              "name": "ADV-2010-1612",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1612"
            },
            {
              "name": "http://www.libpng.org/pub/png/libpng.html",
              "refsource": "CONFIRM",
              "tags": [
                "Product",
                "Vendor Advisory"
              ],
              "url": "http://www.libpng.org/pub/png/libpng.html"
            },
            {
              "name": "41174",
              "refsource": "BID",
              "tags": [
                "Patch",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/41174"
            },
            {
              "name": "USN-960-1",
              "refsource": "UBUNTU",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-960-1"
            },
            {
              "name": "ADV-2010-1755",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1755"
            },
            {
              "name": "40472",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/40472"
            },
            {
              "name": "ADV-2010-1877",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1877"
            },
            {
              "name": "DSA-2072",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.debian.org/security/2010/dsa-2072"
            },
            {
              "name": "FEDORA-2010-10833",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html"
            },
            {
              "name": "MDVSA-2010:133",
              "refsource": "MANDRIVA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:133"
            },
            {
              "name": "FEDORA-2010-10823",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html"
            },
            {
              "name": "ADV-2010-1837",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1837"
            },
            {
              "name": "ADV-2010-1846",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1846"
            },
            {
              "name": "40547",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/40547"
            },
            {
              "name": "41574",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/41574"
            },
            {
              "name": "ADV-2010-2491",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2491"
            },
            {
              "name": "SUSE-SR:2010:017",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://www.vmware.com/security/advisories/VMSA-2010-0014.html"
            },
            {
              "name": "[security-announce] 20100923 VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "http://support.apple.com/kb/HT4456",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4456"
            },
            {
              "name": "APPLE-SA-2010-11-22-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html"
            },
            {
              "name": "ADV-2010-3046",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3046"
            },
            {
              "name": "http://support.apple.com/kb/HT4457",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4457"
            },
            {
              "name": "ADV-2010-3045",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3045"
            },
            {
              "name": "42314",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/42314"
            },
            {
              "name": "1024723",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1024723"
            },
            {
              "name": "42317",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/42317"
            },
            {
              "name": "APPLE-SA-2011-03-02-1",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4554",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://support.apple.com/kb/HT4554"
            },
            {
              "name": "APPLE-SA-2011-03-09-2",
              "refsource": "APPLE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4566",
              "refsource": "CONFIRM",
              "tags": [
                "Broken Link"
              ],
              "url": "http://support.apple.com/kb/HT4566"
            },
            {
              "name": "40336",
              "refsource": "SECUNIA",
              "tags": [
                "Broken Link"
              ],
              "url": "http://secunia.com/advisories/40336"
            },
            {
              "name": "ADV-2010-1637",
              "refsource": "VUPEN",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/1637"
            },
            {
              "name": "SSA:2010-180-01",
              "refsource": "SLACKWARE",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.613061"
            },
            {
              "name": "libpng-scal-dos(59816)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59816"
            },
            {
              "name": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20",
              "refsource": "MISC",
              "tags": [],
              "url": "http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=90cfcecc09febb8d6c8c1d37ea7bb7cf0f4b00f3#patch20"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-02-13T04:21Z",
      "publishedDate": "2010-06-30T18:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-2249 (GCVE-0-2010-2249)

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Description

Solution

Solution

Tags

Sightings

Nomenclature