Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:IMG:LIBPNG-ROWS

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 libpng Image Rows Parsing Memory Corruption Remote Code Execution

Release Date

 2011/08/15

Update Number

 1973

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: libpng Image Rows Parsing Memory Corruption Remote Code Execution


This signature detects attempts to exploit a known vulnerability against the libpng library. A successful attack can lead to arbitrary code execution.

Extended Description

The 'libpng' library is prone to multiple vulnerabilities. Successful exploits may allow remote attackers to cause denial-of-service conditions or potentially execute arbitrary code on computers running the affected library. These issues affect versions prior to 'libpng' 1.4.3 and 1.2.44.

Affected Products

  • Apple Apple TV 2.0.0
  • Apple Apple TV 2.0.1
  • Apple Apple TV 2.0.2
  • Apple Apple TV 2.1
  • Apple Apple TV 4.0
  • Apple iOS 3.2
  • Apple iOS 3.2.1
  • Apple iOS 3.2.2
  • Apple iOS 4
  • Apple iOS 4.0.1
  • Apple iOS 4.0.2
  • Apple iOS 4.1
  • Apple iOS 4.2 beta
  • Apple iPad 3.2
  • Apple iPad 3.2.1
  • Apple iPad 3.2.2
  • Apple iPad
  • Apple iPhone 2.0
  • Apple iPhone 2.0.1
  • Apple iPhone 2.0.2
  • Apple iPhone 2.1
  • Apple iPhone 2.2
  • Apple iPhone 2.2.1
  • Apple iPhone 3.0
  • Apple iPhone 3.0.1
  • Apple iPhone 3.1
  • Apple iPhone 3.1.2
  • Apple iPhone 3.1.3
  • Apple iPhone 3.2
  • Apple iPhone 3.2.1
  • Apple iPhone 4.0
  • Apple iPhone 4.0.1
  • Apple iPhone 4.1
  • Apple iPod Touch 2.1
  • Apple iPod Touch 2.2
  • Apple iPod Touch 2.2.1
  • Apple iPod Touch 3.0
  • Apple iPod Touch 3.1.1
  • Apple iPod Touch 3.1.2
  • Apple iPod Touch 3.1.3
  • Apple iTunes 10
  • Apple iTunes 10.1
  • Apple iTunes 9.0.0
  • Apple iTunes 9.0.1
  • Apple iTunes 9.0.1.8
  • Apple iTunes 9.0.2
  • Apple iTunes 9.1
  • Apple iTunes 9.2
  • Apple iTunes 9.2.1
  • Apple Mac OS X 10.5
  • Apple Mac OS X 10.5.0
  • Apple Mac OS X 10.5.1
  • Apple Mac OS X 10.5.2
  • Apple Mac OS X 10.5.3
  • Apple Mac OS X 10.5.4
  • Apple Mac OS X 10.5.5
  • Apple Mac OS X 10.5.6
  • Apple Mac OS X 10.5.7
  • Apple Mac OS X 10.5.8
  • Apple Mac OS X 10.6
  • Apple Mac OS X 10.6.1
  • Apple Mac OS X 10.6.2
  • Apple Mac OS X 10.6.3
  • Apple Mac OS X 10.6.4
  • Apple Mac OS X Server 10.5
  • Apple Mac OS X Server 10.5.0
  • Apple Mac OS X Server 10.5.1
  • Apple Mac OS X Server 10.5.2
  • Apple Mac OS X Server 10.5.3
  • Apple Mac OS X Server 10.5.4
  • Apple Mac OS X Server 10.5.5
  • Apple Mac OS X Server 10.5.6
  • Apple Mac OS X Server 10.5.7
  • Apple Mac OS X Server 10.5.8
  • Apple Mac OS X Server 10.6
  • Apple Mac OS X Server 10.6.1
  • Apple Mac OS X Server 10.6.2
  • Apple Mac OS X Server 10.6.3
  • Apple Mac OS X Server 10.6.4
  • Apple Safari 4
  • Apple Safari 4.0
  • Apple Safari 4.0.1
  • Apple Safari 4.0.2
  • Apple Safari 4.0.2 For Windows
  • Apple Safari 4.0.3
  • Apple Safari 4.0.3 For Windows
  • Apple Safari 4.0.4
  • Apple Safari 4.0.4 For Windows
  • Apple Safari 4.0.5
  • Apple Safari 4.0.5 For Windows
  • Apple Safari 4.0 Beta
  • Apple Safari 4.1
  • Apple Safari 4.1.1
  • Apple Safari 4.1.2
  • Apple Safari 4.1.2 for Windows
  • Apple Safari 4.1.3
  • Apple Safari 4.1.3 for Windows
  • Apple Safari 4 Beta
  • Apple Safari 4 For Windows
  • Apple Safari 5.0
  • Apple Safari 5.0.1
  • Apple Safari 5.0.1 for Windows
  • Apple Safari 5.0.2
  • Apple Safari 5.0.2 for Windows
  • Apple Safari 5.0.3
  • Apple Safari 5.0.3 for Windows
  • Apple Safari 5.0 For Windows
  • Apple TV 2.0
  • Apple TV 2.1
  • Apple TV 2.2
  • Avaya Aura Conferencing 6.0 Standard
  • Avaya Aura Session Manager 1.0
  • Avaya Aura Session Manager 1.1
  • Avaya Aura Session Manager 5.2
  • Avaya Aura Session Manager 5.2 SP1
  • Avaya Aura Session Manager 5.2 SP2
  • Avaya Aura Session Manager 6.0
  • Avaya Aura System Manager 1.0
  • Avaya Aura System Manager 5.2
  • Avaya Aura System Manager 6.0 SP1
  • Avaya Aura System Platform 1.1
  • Avaya Aura System Platform 6.0
  • Avaya Aura System Platform SP1.1
  • Avaya CMS Server 15.0
  • Avaya CMS Server 16.0
  • Avaya CMS Server 16.1
  • Avaya CMS Server 16.2
  • Avaya Intuity AUDIX
  • Avaya Intuity LX
  • Avaya Intuity LX 2.0
  • Avaya Intuity Audix 5.1.46
  • Avaya Intuity AUDIX LX 1.0
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity AUDIX LX 2.0 SP1
  • Avaya Intuity AUDIX LX 2.0 SP2
  • Avaya Intuity AUDIX LX R1.1
  • Avaya Intuity Audix R5
  • Avaya IQ 5
  • Avaya IQ 5.1
  • Avaya IR 3.0
  • Avaya IR 4.0
  • Avaya Message Networking 3.1
  • Avaya Message Networking 5.2
  • Avaya Message Networking MN 3.1
  • Avaya Message Networking
  • Avaya Messaging Storage Server 1.0
  • Avaya Messaging Storage Server 2.0
  • Avaya Messaging Storage Server 3.1
  • Avaya Messaging Storage Server 3.1 SP1
  • Avaya Messaging Storage Server 4.0
  • Avaya Messaging Storage Server 5.0
  • Avaya Messaging Storage Server 5.1
  • Avaya Messaging Storage Server 5.2
  • Avaya Messaging Storage Server MM3.0
  • Avaya Messaging Storage Server
  • Avaya Proactive Contact 3.0
  • Avaya Proactive Contact 3.0.2
  • Avaya Proactive Contact 3.0.3
  • Avaya Proactive Contact 4.0
  • Avaya Proactive Contact 4.1
  • Avaya Proactive Contact 4.1.1
  • Avaya Proactive Contact 4.1.2
  • Avaya Proactive Contact
  • Avaya Voice Portal 3.0
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 4.1
  • Avaya Voice Portal 4.1 SP1
  • Avaya Voice Portal 4.1 SP2
  • Avaya Voice Portal 5.0
  • Avaya Voice Portal 5.0 SP1
  • Avaya Voice Portal 5.0 SP2
  • Avaya Voice Portal 5.1
  • Blue Coat Systems ProxyAV 3.4.1.0
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Gentoo Linux
  • libpng 0.90
  • libpng 1.0.0
  • libpng 1.0.10
  • libpng 1.0.11
  • libpng 1.0.12
  • libpng 1.0.13
  • libpng 1.0.14
  • libpng 1.0.15
  • libpng 1.0.16
  • libpng 1.0.17
  • libpng 1.0.18
  • libpng 1.0.24
  • libpng 1.0.25
  • libpng 1.0.32
  • libpng 1.0.33
  • libpng 1.0.42
  • libpng 1.0.43
  • libpng 1.0.5
  • libpng 1.0.52
  • libpng 1.0.53
  • libpng 1.0.6
  • libpng 1.0.7
  • libpng 1.0.8
  • libpng 1.0.9
  • libpng 1.2.13
  • libpng 1.2.16
  • libpng 1.2.17
  • libpng 1.2.18
  • libpng 1.2.19
  • libpng 1.2.20
  • libpng 1.2.21
  • libpng 1.2.22 Rc1
  • libpng 1.2.26
  • libpng 1.2.27
  • libpng 1.2.27 Beta01
  • libpng 1.2.34
  • libpng 1.2.35
  • libpng 1.2.36
  • libpng 1.2.37
  • libpng 1.2.42
  • libpng 1.2.43
  • libpng 1.2.8
  • libpng 1.4.0
  • libpng 1.4.0 Beta01
  • libpng 1.4.0 Beta19
  • libpng 1.4.1
  • libpng 1.4.2
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Enterprise Server 5
  • Mandriva Enterprise Server 5 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Mandriva Linux Mandrake 2010.0
  • Mandriva Linux Mandrake 2010.0 X86 64
  • Mandriva Linux Mandrake 2010.1
  • Mandriva Linux Mandrake 2010.1 X86 64
  • Mozilla Firefox 3.5.0
  • Mozilla Firefox 3.5.1
  • Mozilla Firefox 3.5.10
  • Mozilla Firefox 3.5.2
  • Mozilla Firefox 3.5.3
  • Mozilla Firefox 3.5.4
  • Mozilla Firefox 3.5.5
  • Mozilla Firefox 3.5.6
  • Mozilla Firefox 3.5.7
  • Mozilla Firefox 3.5.8
  • Mozilla Firefox 3.5.9
  • Mozilla Firefox 3.6
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.2
  • Mozilla Firefox 3.6.3
  • Mozilla Firefox 3.6.4
  • Mozilla SeaMonkey 2.0
  • Mozilla SeaMonkey 2.0.1
  • Mozilla SeaMonkey 2.0.2
  • Mozilla SeaMonkey 2.0.3
  • Mozilla SeaMonkey 2.0.4
  • Mozilla SeaMonkey 2.0.5
  • Mozilla Thunderbird 3.0
  • Mozilla Thunderbird 3.0.1
  • Mozilla Thunderbird 3.0.2
  • Mozilla Thunderbird 3.0.4
  • Mozilla Thunderbird 3.0.5
  • Pardus Linux 2009
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux Desktop Version 4
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux Desktop Workstation 5 Client
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux Optional Productivity Application 5 Server
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 12
  • Red Hat Fedora 13
  • Research In Motion Blackberry Enterprise Server Express for Domino 5.0.2
  • Research In Motion Blackberry Enterprise Server Express for Domino 5.0.2 MR1
  • Research In Motion Blackberry Enterprise Server Express for Domino 5.0.3
  • Research In Motion Blackberry Enterprise Server Express for Exchange 5.0.1
  • Research In Motion Blackberry Enterprise Server Express for Exchange 5.0.2
  • Research In Motion Blackberry Enterprise Server Express for Exchange 5.0.2 MR1
  • Research In Motion Blackberry Enterprise Server Express for Exchange 5.0.3
  • Research In Motion Blackberry Enterprise Server for Domino 5.0.1
  • Research In Motion Blackberry Enterprise Server for Domino 5.0.2
  • Research In Motion Blackberry Enterprise Server for Domino 5.0.2 MR1
  • Research In Motion Blackberry Enterprise Server for Domino 5.0.3
  • Research In Motion Blackberry Enterprise Server for Domino 5.0.3 MR3
  • Research In Motion Blackberry Enterprise Server for Exchange 5.0.1
  • Research In Motion Blackberry Enterprise Server for Exchange 5.0.2
  • Research In Motion Blackberry Enterprise Server for Exchange 5.0.2 MR1
  • Research In Motion Blackberry Enterprise Server for Exchange 5.0.3
  • Research In Motion Blackberry Enterprise Server for Exchange 5.0.3 MR2
  • Research In Motion Blackberry Enterprise Server for Novell Groupwise 4.1.7
  • Research In Motion Blackberry Enterprise Server for Novell Groupwise 5.0.1
  • Research In Motion Blackberry Enterprise Server for Novell Groupwise 5.0.1 MR3
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 13.0
  • Slackware Linux 13.0 X86 64
  • Slackware Linux 13.1
  • Slackware Linux 13.1 X86 64
  • Slackware Linux 8.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • Slackware Linux -Current
  • Slackware Linux X86 64 -Current
  • Sun Solaris 10 Sparc
  • Sun Solaris 10 X86
  • Sun Solaris 11 Express
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • SuSE openSUSE 11.1
  • SuSE openSUSE 11.2
  • SuSE openSUSE 11.3
  • SuSE SUSE Linux Enterprise 10 SP3
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise 11 SP1
  • SuSE SUSE Linux Enterprise Desktop 10 SP3
  • SuSE SUSE Linux Enterprise Desktop 11
  • SuSE SUSE Linux Enterprise Desktop 11 SP1
  • SuSE SUSE Linux Enterprise SDK 10 SP3
  • SuSE SUSE Linux Enterprise SDK 11
  • SuSE SUSE Linux Enterprise SDK 11 SP1
  • SuSE SUSE Linux Enterprise Server 10 SP3
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 11 SP1
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 10.04 Amd64
  • Ubuntu Ubuntu Linux 10.04 I386
  • Ubuntu Ubuntu Linux 10.04 Powerpc
  • Ubuntu Ubuntu Linux 10.04 Sparc
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • Ubuntu Ubuntu Linux 9.10 Amd64
  • Ubuntu Ubuntu Linux 9.10 I386
  • Ubuntu Ubuntu Linux 9.10 Lpia
  • Ubuntu Ubuntu Linux 9.10 Powerpc
  • Ubuntu Ubuntu Linux 9.10 Sparc
  • VMWare Player 2.5
  • VMWare Player 2.5.0 Build 118166
  • VMWare Player 2.5.1
  • VMWare Player 2.5.2
  • VMWare Player 2.5.2 Build 156735
  • VMWare Player 2.5.3
  • VMWare Player 2.5.3 Build 185404
  • VMWare Player 2.5.4
  • VMWare Player 2.5.4 Build 246459
  • VMWare Player 3.1
  • VMWare Server 1.0
  • VMWare Server 1.0.1
  • VMWare Server 1.0.10
  • VMWare Server 1.0.10 Build 203137
  • VMWare Server 1.0.1 Build 29996
  • VMWare Server 1.0.2
  • VMWare Server 1.0.3
  • VMWare Server 1.0.4
  • VMWare Server 1.0.4 Build 56528
  • VMWare Server 1.0.5
  • VMWare Server 1.0.5 Build 80187
  • VMWare Server 1.0.6
  • VMWare Server 1.0.6 Build 91891
  • VMWare Server 1.0.7
  • VMWare Server 1.0.7 Build 108231
  • VMWare Server 1.0.8
  • VMWare Server 1.0.8 Build 126538
  • VMWare Server 1.0.9
  • VMWare Server 1.0.9 Build 156507
  • VMWare Server 2.0
  • VMWare Server 2.0.1
  • VMWare Server 2.0.1 Build 156745
  • VMWare Server 2.0.2
  • VMWare Server 2.0.2 Build 203138
  • VMWare Workstation 6.5.0
  • VMWare Workstation 6.5.0 Build 118166
  • VMWare Workstation 6.5.1
  • VMWare Workstation 6.5.2
  • VMWare Workstation 6.5.2 Build 156735
  • VMWare Workstation 6.5.3
  • VMWare Workstation 6.5.3 Build 185404
  • VMWare Workstation 6.5.4 Build 246459
  • VMWare Workstation 7.1

References

  • BugTraq: 41174
  • CVE: CVE-2010-1205

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out