NVD
- Id
- 47388
- Name
- CVE-2009-0040
- Description
- The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.
- Reject
- CVSS Version
- 2
- CVSS Score
- 6.8
- Severity
- Medium
- CVSS Base Score
- 6.8
- CVSS Impact Subscore
- 6.4
- CVSS Exploit Subscore
- 8.6
- CVSS Vector
- (AV:N/AC:M/Au:N/C:P/I:P/A:P)
- Pub Date
- 2017-01-07
- Published
- 2009-02-22
- Modified Date
- 2013-05-14
- Seq
- 2009-0040
Related NVD References
| Id | NVD Id | NVD No. | Reference | Actions |
|---|---|---|---|---|
| 237068 | 47388 | CVE-2009-0040 | ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt | View |
| 237069 | 47388 | CVE-2009-0040 | http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt | View |
| 237070 | 47388 | CVE-2009-0040 | APPLE-SA-2009-08-05-1 | View |
| 237071 | 47388 | CVE-2009-0040 | APPLE-SA-2009-06-08-1 | View |
| 237072 | 47388 | CVE-2009-0040 | APPLE-SA-2009-06-17-1 | View |
| 237073 | 47388 | CVE-2009-0040 | APPLE-SA-2009-05-12 | View |
| 237074 | 47388 | CVE-2009-0040 | SUSE-SR:2009:005 | View |
| 237075 | 47388 | CVE-2009-0040 | SUSE-SA:2009:012 | View |
| 237076 | 47388 | CVE-2009-0040 | SUSE-SA:2009:023 | View |
| 237077 | 47388 | CVE-2009-0040 | [security-announce] 20090820 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server | View |
| 237078 | 47388 | CVE-2009-0040 | oval:org.mitre.oval:def:10316 | View |
| 237079 | 47388 | CVE-2009-0040 | oval:org.mitre.oval:def:6458 | View |
| 237080 | 47388 | CVE-2009-0040 | GLSA-200903-28 | View |
| 237081 | 47388 | CVE-2009-0040 | GLSA-201209-25 | View |
| 237082 | 47388 | CVE-2009-0040 | SSA:2009-083-02 | View |
| 237083 | 47388 | CVE-2009-0040 | SSA:2009-083-03 | View |
| 237084 | 47388 | CVE-2009-0040 | [png-mng-implement] 20090219 libpng-1.2.35 and libpng-1.0.43 fix security vulnerability | View |
| 237085 | 47388 | CVE-2009-0040 | http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441 | View |
| 237086 | 47388 | CVE-2009-0040 | 259989 | View |
| 237087 | 47388 | CVE-2009-0040 | 1020521 | View |
| 237088 | 47388 | CVE-2009-0040 | http://support.apple.com/kb/HT3549 | View |
| 237089 | 47388 | CVE-2009-0040 | http://support.apple.com/kb/HT3613 | View |
| 237090 | 47388 | CVE-2009-0040 | http://support.apple.com/kb/HT3639 | View |
| 237091 | 47388 | CVE-2009-0040 | http://support.apple.com/kb/HT3757 | View |
| 237092 | 47388 | CVE-2009-0040 | http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm | View |
| 237093 | 47388 | CVE-2009-0040 | http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm | View |
| 237094 | 47388 | CVE-2009-0040 | http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document | View |
| 237095 | 47388 | CVE-2009-0040 | http://wiki.rpath.com/Advisories:rPSA-2009-0046 | View |
| 237096 | 47388 | CVE-2009-0040 | DSA-1750 | View |
| 237097 | 47388 | CVE-2009-0040 | DSA-1830 | View |
| 237098 | 47388 | CVE-2009-0040 | VU#649212 | View |
| 237099 | 47388 | CVE-2009-0040 | MDVSA-2009:051 | View |
| 237100 | 47388 | CVE-2009-0040 | MDVSA-2009:075 | View |
| 237101 | 47388 | CVE-2009-0040 | MDVSA-2009:083 | View |
| 237102 | 47388 | CVE-2009-0040 | RHSA-2009:0315 | View |
| 237103 | 47388 | CVE-2009-0040 | RHSA-2009:0325 | View |
| 237104 | 47388 | CVE-2009-0040 | RHSA-2009:0333 | View |
| 237105 | 47388 | CVE-2009-0040 | RHSA-2009:0340 | View |
| 237106 | 47388 | CVE-2009-0040 | 20090312 rPSA-2009-0046-1 libpng | View |
| 237107 | 47388 | CVE-2009-0040 | 20090529 VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues | View |
| 237108 | 47388 | CVE-2009-0040 | 20090821 VMSA-2009-0010 VMware Hosted products update libpng and Apache HTTP Server | View |
| 237109 | 47388 | CVE-2009-0040 | 33827 | View |
| 237110 | 47388 | CVE-2009-0040 | 33990 | View |
| 237111 | 47388 | CVE-2009-0040 | TA09-133A | View |
| 237112 | 47388 | CVE-2009-0040 | TA09-218A | View |
| 237113 | 47388 | CVE-2009-0040 | http://www.vmware.com/security/advisories/VMSA-2009-0007.html | View |
| 237114 | 47388 | CVE-2009-0040 | ADV-2009-0469 | View |
| 237115 | 47388 | CVE-2009-0040 | ADV-2009-0473 | View |
| 237116 | 47388 | CVE-2009-0040 | ADV-2009-0632 | View |
| 237117 | 47388 | CVE-2009-0040 | ADV-2009-1297 | View |
| 237118 | 47388 | CVE-2009-0040 | ADV-2009-1451 | View |
| 237119 | 47388 | CVE-2009-0040 | ADV-2009-1462 | View |
| 237120 | 47388 | CVE-2009-0040 | ADV-2009-1522 | View |
| 237121 | 47388 | CVE-2009-0040 | ADV-2009-1560 | View |
| 237122 | 47388 | CVE-2009-0040 | ADV-2009-1621 | View |
| 237123 | 47388 | CVE-2009-0040 | ADV-2009-2172 | View |
| 237124 | 47388 | CVE-2009-0040 | libpng-pointer-arrays-code-execution(48819) | View |
| 237125 | 47388 | CVE-2009-0040 | FEDORA-2009-2045 | View |
| 237126 | 47388 | CVE-2009-0040 | FEDORA-2009-1976 | View |
| 237127 | 47388 | CVE-2009-0040 | FEDORA-2009-2882 | View |
| 237128 | 47388 | CVE-2009-0040 | FEDORA-2009-2884 | View |
Related JVN
| Id | Name | Title | Summary | Cveinfo Name | Cveinfo Id | Nvdinfo Name | Nvdinfo Id | Cvssv2 | Cvssv3 | Jvnurl | Published Date | Last Updated Date | Actions |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 40098 | JVNDB-2009-001104 | libpng が適切にエレメントポインタを初期化しない脆弱性 | libpng にはエレメントポインタが適切に初期化されない脆弱性が存在します。 | CVE-2009-0040 | 37471 | CVE-2009-0040 | 47388 | 6.8 | http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001104.html | 2009-03-04 | 2012-04-18 | View |
