Flaws in Graphics Library Could Bring Attacks

Multiple vulnerabilities in an open-source image format reportedly could allow an attacker to execute arbitrary code in the context of a user viewing a malicious PNG image.

A researcher performing a source-code audit on a popular graphics library has found multiple security vulnerabilities in it that could be used to crash programs or execute attack code.

The PNG library (libpng) is a collection of graphics routines to manipulate PNG (portable network graphics) files. PNG (Portable Networks Graphic) is a graphics format that was designed many years ago as an alternative to the still more popular GIF format.

/zimages/4/28571.gifClick here to read about fixes from the Mozilla Foundation and Opera.

According to the advisory, released by the OpenPKG Project, there is "a stack-based buffer overflow in libpng which can be triggered to run arbitrary code by a malicious png file."

A null-pointer error also exists that could be used by a malicious PNG file to crash a program, and several integer overflows that the researcher found could produce a denial of service in the program and the possibility of arbitrary code execution.

/zimages/4/28571.gifFor insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzers Weblog.

Many Linux distributions have issued their own advisories and fixes for the bugs, including the Mozilla foundation, which has issued fixes for the Mozilla and Firefox browsers and the Thunderbird e-mail client.

The maintainer of the library, Glenn Randers-Pehrson, suggested that users download libpng 1.2.6rc1, libpng-1.0.16rc1, as well as an appropriate combo patch from Sourceforge or swrinde.

/zimages/4/28571.gifCheck out eWEEK.coms Security Center at http://security.eweek.com for security news, views and analysis.

/zimages/4/77042.gif

Be sure to add our eWEEK.com security news feed to your RSS newsreader or My Yahoo page: /zimages/4/19420.gif http://us.i1.yimg.com/us.yimg.com/i/us/my/addtomyyahoo2.gif