Signature Detail

HTTP: Invalid PNG Width

This signature detects PNG (Portable Network Graphic) files with invalid width parameters. Programs such as Web browsers or e-mail clients can be vulnerable to denial-of-service attacks or can execute code when reading malicious PNG files.

Extended Description

The GD Graphics Library (gdlib) is affected by an integer overflow that facilitates a heap overflow. This issue is due to the library's failure to do proper sanity checking on size values contained within image-format files. An attacker may leverage this issue to manipulate process heap memory, potentially leading to code execution and compromise of the computer running the affected library.

Affected Products

• Avaya Converged Communications Server 2.0.0
• Avaya Intuity LX
• Avaya MN100
• Avaya Modular Messaging S3400
• Avaya Modular Messaging (MSS) 1.1.0
• Avaya Modular Messaging (MSS) 2.0.0
• Avaya Network Routing
• Avaya S8300 R2.0.0
• Avaya S8300 R2.0.1
• Avaya S8500 R2.0.0
• Avaya S8500 R2.0.1
• Avaya S8700 R2.0.0
• Avaya S8700 R2.0.1
• Avaya S8710 R2.0.0
• Avaya S8710 R2.0.1
• GD Graphics Library gdlib 1.8.4
• GD Graphics Library gdlib 2.0.1
• GD Graphics Library gdlib 2.0.15
• GD Graphics Library gdlib 2.0.20
• GD Graphics Library gdlib 2.0.21
• GD Graphics Library gdlib 2.0.22
• GD Graphics Library gdlib 2.0.23
• GD Graphics Library gdlib 2.0.26
• GD Graphics Library gdlib 2.0.27
• GD Graphics Library gdlib 2.0.28
• Gentoo Linux
• Mandriva Corporate Server 3.0.0
• Mandriva Corporate Server 3.0.0 X86 64
• Mandriva Linux Mandrake 10.2.0
• Mandriva Linux Mandrake 10.2.0 X86 64
• Mandriva Linux Mandrake 2006.0.0
• Mandriva Linux Mandrake 2006.0.0 X86 64
• Mandriva Multi Network Firewall 2.0.0
• OpenPKG 2.1.0
• OpenPKG 2.2.0
• OpenPKG Current
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 3
• rPath rPath Linux 1
• SGI Advanced Linux Environment 3.0.0
• SGI ProPack 3.0.0
• SuSE Linux 8.0.0
• SuSE Linux 8.1.0
• SuSE Linux Desktop 1.0.0
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 8.2.0
• SuSE Linux Personal 9.0.0
• SuSE Linux Personal 9.0.0 X86 64
• SuSE Linux Personal 9.1.0
• SuSE Linux Personal 9.1.0 X86 64
• SuSE Linux Personal 9.2.0
• SuSE Linux Personal 9.2.0 X86 64
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 8.2.0
• SuSE Linux Professional 9.0.0
• SuSE Linux Professional 9.0.0 X86 64
• SuSE Linux Professional 9.1.0
• SuSE Linux Professional 9.1.0 X86 64
• SuSE Linux Professional 9.2.0
• SuSE Linux Professional 9.2.0 X86 64
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• SuSE Novell Linux Desktop 9.0.0
• SuSE Open-Enterprise-Server 9.0.0
• SuSE SUSE Linux Enterprise Server 8
• SuSE SUSE Linux Enterprise Server 9
• SuSE SuSE Linux Openexchange Server 4.0.0
• SuSE SUSE LINUX Retail Solution 8.0.0
• SuSE SuSE Linux School Server for i386
• SuSE SuSE Linux Standard Server 8.0.0
• Trustix Secure Enterprise Linux 2.0.0
• Trustix Secure Linux 1.5.0
• Trustix Secure Linux 2.0.0
• Trustix Secure Linux 2.1.0
• Trustix Secure Linux 2.2.0
• Turbolinux Appliance Server 2.0
• Turbolinux FUJI
• Turbolinux Home
• Turbolinux 10 F...
• Turbolinux FUJI
• Turbolinux Turbolinux Desktop 10.0.0
• Turbolinux Turbolinux Server 10.0.0
• Turbolinux Turbolinux Server 10.0.0 X64
• Ubuntu Ubuntu Linux 4.1.0 Ia32
• Ubuntu Ubuntu Linux 4.1.0 Ia64
• Ubuntu Ubuntu Linux 4.1.0 Ppc

References

• BugTraq: 11523
• BugTraq: 36649
• CVE: CVE-2004-0990
• CVE: CVE-2009-3126
• URL: http://xforce.iss.net/xforce/xfdb/17866