A researcher performing a source-code audit on a popular graphics library has found multiple security vulnerabilities in it that could be used to crash programs or execute attack code.
The PNG library (libpng) is a collection of graphics routines to manipulate PNG (portable network graphics) files. PNG (Portable Networks Graphic) is a graphics format that was designed many years ago as an alternative to the still more popular GIF format.
According to the advisory, released by the OpenPKG Project, there is “a stack-based buffer overflow in libpng which can be triggered to run arbitrary code by a malicious png file.”
A null-pointer error also exists that could be used by a malicious PNG file to crash a program, and several integer overflows that the researcher found could produce a denial of service in the program and the possibility of arbitrary code execution.
Many Linux distributions have issued their own advisories and fixes for the bugs, including the Mozilla foundation, which has issued fixes for the Mozilla and Firefox browsers and the Thunderbird e-mail client.
The maintainer of the library, Glenn Randers-Pehrson, suggested that users download libpng 1.2.6rc1, libpng-1.0.16rc1, as well as an appropriate combo patch from Sourceforge or swrinde.
Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: