CVE-2010-1205 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 94%

Vendor	Product	Version
libpng	libpng	𝑥 < 1.2.44
libpng	libpng	1.4.0 ≤ 𝑥 < 1.4.3
google	chrome	𝑥 < 5.0.375.99
apple	itunes	𝑥 < 10.2
apple	safari	𝑥 < 5.0.4
apple	iphone_os	2.0 ≤ 𝑥 ≤ 4.1
apple	mac_os_x	10.6.0 ≤ 𝑥 < 10.6.4
apple	mac_os_x_server	10.6.0 ≤ 𝑥 < 10.6.4
opensuse	opensuse	11.1
opensuse	opensuse	11.2
vmware	player	2.5 ≤ 𝑥 < 2.5.5
vmware	player	3.1 ≤ 𝑥 < 3.1.2
vmware	workstation	6.5.0 ≤ 𝑥 < 6.5.5
vmware	workstation	7.1 ≤ 𝑥 < 7.1.2
canonical	ubuntu_linux	6.06
canonical	ubuntu_linux	8.04
canonical	ubuntu_linux	9.04
canonical	ubuntu_linux	9.10
canonical	ubuntu_linux	10.04
debian	debian_linux	5.0
mozilla	firefox	𝑥 < 3.5.11
mozilla	firefox	3.5.12 ≤ 𝑥 < 3.6.7
mozilla	seamonkey	𝑥 < 2.0.6
mozilla	thunderbird	𝑥 < 3.0.6
mozilla	thunderbird	3.0.7 ≤ 𝑥 < 3.1.1

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

tuxonice-userui

bookworm/contrib	1.1+dfsg1.gc3bdd83-4 fixed
bullseye/contrib	1.1+dfsg1.gc3bdd83-4 fixed

Ubuntu Releases

Ubuntu Product

Codename

chromium-browser

lucid	Fixed 6.0.472.53~r57914-0ubuntu0.10.04.1 released
karmic	dne
jaunty	dne
hardy	dne
dapper	dne

firefox

lucid	Fixed 3.6.7+build2+nobinonly-0ubuntu0.10.04.1 released
karmic	dne
jaunty	dne
hardy	ignored
dapper	ignored

libpng

lucid	Fixed 1.2.42-1ubuntu2.1 released
karmic	Fixed 1.2.37-1ubuntu0.2 released
jaunty	Fixed 1.2.27-2ubuntu2.2 released
hardy	Fixed 1.2.15~beta5-3ubuntu0.3 released
dapper	Fixed 1.2.8rel-5ubuntu0.6 released

thunderbird

lucid	Fixed 3.0.6+build2+nobinonly-0ubuntu0.10.04.1 released
karmic	not-affected
jaunty	not-affected
intrepid	not-affected
hardy	not-affected
dapper	dne

xulrunner-1.9.2

lucid	Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.10.04.1 released
karmic	Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2 released
jaunty	Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2 released
hardy	Fixed 1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2 released
dapper	dne

Known Exploits!

Common Weakness Enumeration

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The program copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References

http://blackberry.com/btsc/KB27244

http://code.google.com/p/chromium/issues/detail?id=45983

http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18

http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://lists.vmware.com/pipermail/security-announce/2010/000105.html

http://secunia.com/advisories/40302

http://secunia.com/advisories/40336

http://secunia.com/advisories/40472

http://secunia.com/advisories/40547

http://secunia.com/advisories/41574

http://secunia.com/advisories/42314

http://secunia.com/advisories/42317

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061

http://support.apple.com/kb/HT4312

http://support.apple.com/kb/HT4435

http://support.apple.com/kb/HT4456

http://support.apple.com/kb/HT4457

http://support.apple.com/kb/HT4554

http://support.apple.com/kb/HT4566

http://trac.webkit.org/changeset/61816

http://www.debian.org/security/2010/dsa-2072

http://www.libpng.org/pub/png/libpng.html

http://www.mandriva.com/security/advisories?name=MDVSA-2010:133

http://www.mozilla.org/security/announce/2010/mfsa2010-41.html

http://www.securityfocus.com/bid/41174

http://www.ubuntu.com/usn/USN-960-1

http://www.vmware.com/security/advisories/VMSA-2010-0014.html

http://www.vupen.com/english/advisories/2010/1612

http://www.vupen.com/english/advisories/2010/1637

http://www.vupen.com/english/advisories/2010/1755

http://www.vupen.com/english/advisories/2010/1837

http://www.vupen.com/english/advisories/2010/1846

http://www.vupen.com/english/advisories/2010/1877

http://www.vupen.com/english/advisories/2010/2491

http://www.vupen.com/english/advisories/2010/3045

http://www.vupen.com/english/advisories/2010/3046

https://bugs.webkit.org/show_bug.cgi?id=40798

https://bugzilla.mozilla.org/show_bug.cgi?id=570451

https://bugzilla.redhat.com/show_bug.cgi?id=608238

https://exchange.xforce.ibmcloud.com/vulnerabilities/59815

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851

http://blackberry.com/btsc/KB27244

http://code.google.com/p/chromium/issues/detail?id=45983

http://googlechromereleases.blogspot.com/2010/07/stable-channel-update.html

http://libpng.git.sourceforge.net/git/gitweb.cgi?p=libpng/libpng%3Ba=commitdiff%3Bh=188eb6b42602bf7d7ae708a21897923b6a83fe7c#patch18

http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

http://lists.apple.com/archives/security-announce/2010//Nov/msg00003.html

http://lists.apple.com/archives/security-announce/2011//Mar/msg00004.html

http://lists.apple.com/archives/security-announce/2011/Mar/msg00000.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044283.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044397.html

http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

http://lists.vmware.com/pipermail/security-announce/2010/000105.html

http://secunia.com/advisories/40302

http://secunia.com/advisories/40336

http://secunia.com/advisories/40472

http://secunia.com/advisories/40547

http://secunia.com/advisories/41574

http://secunia.com/advisories/42314

http://secunia.com/advisories/42317

http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.613061

http://support.apple.com/kb/HT4312

http://support.apple.com/kb/HT4435

http://support.apple.com/kb/HT4456

http://support.apple.com/kb/HT4457

http://support.apple.com/kb/HT4554

http://support.apple.com/kb/HT4566

http://trac.webkit.org/changeset/61816

http://www.debian.org/security/2010/dsa-2072

http://www.libpng.org/pub/png/libpng.html

http://www.mandriva.com/security/advisories?name=MDVSA-2010:133

http://www.mozilla.org/security/announce/2010/mfsa2010-41.html

http://www.securityfocus.com/bid/41174

http://www.ubuntu.com/usn/USN-960-1

http://www.vmware.com/security/advisories/VMSA-2010-0014.html

http://www.vupen.com/english/advisories/2010/1612

http://www.vupen.com/english/advisories/2010/1637

http://www.vupen.com/english/advisories/2010/1755

http://www.vupen.com/english/advisories/2010/1837

http://www.vupen.com/english/advisories/2010/1846

http://www.vupen.com/english/advisories/2010/1877

http://www.vupen.com/english/advisories/2010/2491

http://www.vupen.com/english/advisories/2010/3045

http://www.vupen.com/english/advisories/2010/3046

https://bugs.webkit.org/show_bug.cgi?id=40798

https://bugzilla.mozilla.org/show_bug.cgi?id=570451

https://bugzilla.redhat.com/show_bug.cgi?id=608238

https://exchange.xforce.ibmcloud.com/vulnerabilities/59815

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11851