var-201003-1082
Vulnerability from variot

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The 'libpng' library is prone to a remote denial-of-service vulnerability. Successful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. Successful exploits will allow an attacker to obtain potentially sensitive information. Versions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201010-01


                                        http://security.gentoo.org/

Severity: Normal Title: Libpng: Multiple vulnerabilities Date: October 05, 2010 Bugs: #307637, #324153, #335887 ID: 201010-01


Synopsis

Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. It is used by several programs, including web browsers and potentially server processes.

Affected packages

-------------------------------------------------------------------
 Package            /  Vulnerable  /                    Unaffected
-------------------------------------------------------------------

1 media-libs/libpng < 1.4.3 >= 1.4.3

Description

Multiple vulnerabilities were found in libpng:

  • The png_decompress_chunk() function in pngrutil.c does not properly handle certain type of compressed data (CVE-2010-0205)

  • A buffer overflow in pngread.c when using progressive applications (CVE-2010-1205)

  • A memory leak in pngrutil.c when dealing with a certain type of chunks (CVE-2010-2249)

Impact

An attacker could exploit these vulnerabilities to cause programs linked against the library to crash or execute arbitrary code with the permissions of the user running the vulnerable program, which could be the root user.

Workaround

There is no known workaround at this time.

Resolution

All libpng users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/libpng-1.4.3"

References

[ 1 ] CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 [ 2 ] CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 [ 3 ] CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201010-01.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


               VMware Security Advisory

Advisory ID: VMSA-2010-0014 Synopsis: VMware Workstation, Player, and ACE address several security issues. Issue date: 2010-09-23 Updated on: 2010-09-23 (initial release of advisory) CVE numbers: CVE-2010-3277 CVE-2010-1205 CVE-2010-0205 CVE-2010-2249 CVE-2010-0434 CVE-2010-0425


  1. Summary

VMware Workstation and Player address a potential installer security issue and security issues in libpng. VMware ACE Management Server (AMS) for Windows updates Apache httpd.

  1. Relevant releases

VMware Workstation 7.1.1 and earlier, VMware Player 3.1.1 and earlier, VMware ACE Management Server 2.7.1 and earlier,

Note: VMware Server was declared End Of Availability on January 2010, support will be limited to Technical Guidance for the duration of the support term.

  1. Problem Description

a. VMware Workstation and Player installer security issue

The Workstation 7.x and Player 3.x installers will load an index.htm
file located in the current working directory on which Workstation
7.x or Player 3.x is being installed. This may allow an attacker to
display a malicious file if they manage to get their file onto the
system prior to installation.

The issue can only be exploited at the time that Workstation 7.x or
Player 3.x is being installed. Installed versions of Workstation and
Player are not affected. The security issue is no longer present in
the installer of the new versions of Workstation 7.x and Player 3.x
(see table below for the version numbers).

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-3277 to this issue.

VMware would like to thank Alexander Trofimov and Marc Esher for
independently reporting this issue to VMware.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.x       any      7.1.2 build 301548 or later *
Workstation    6.5.x     any      not affected

Player         3.x       any      3.1.2 build 301548 or later *
Player         2.5.x     any      not affected

AMS            any       any      not affected

Server         any       any      not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected
  • Note: This only affects the installer, if you have a version of Workstation or Player installed you are not vulnerable.

b. Third party libpng updated to version 1.2.44

A buffer overflow condition in libpng is addressed that could
potentially lead to code execution with the privileges of the
application using libpng. Two potential denial of service issues
are also addressed in the update.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249
to these issues.

The following table lists what action remediates the vulnerability
(column 4) if a solution is available.


VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    7.1.x     any      7.1.2 build 301548 or later
Workstation    6.5.x     any      affected, patch pending

Player         3.1.x     any      3.1.2 build 301548 or later
Player         2.5.x     any      affected, patch pending

AMS            any       any      not affected

Server         any       any      affected, no patch planned

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected

c. VMware ACE Management Server (AMS) for Windows updates Apache httpd version 2.2.15.

A function in Apache HTTP Server when multithreaded MPM is used
does not properly handle headers in subrequests in certain
circumstances which may allow remote attackers to obtain sensitive
information via a crafted request that triggers access to memory
locations associated with an earlier request.

The Apache mod_isapi module can be forced to unload a specific
library before the processing of a request is complete, resulting
in memory corruption. This vulnerability may allow a remote
attacker to execute arbitrary code.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0434 and CVE-2010-0425 to the
issues addressed in this update.

Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected

Workstation    any       any      not affected

Player         any       any      not affected

AMS            any       Windows  2.7.2 build 301548 or later
AMS            any       Linux    affected, patch pending *

Server         any       any      not affected

Fusion         any       Mac OS/X not affected

ESXi           any       ESXi     not affected

ESX            any       ESX      not affected
  • Note CVE-2010-0425 is not applicable to AMS running on Linux

  • Solution Please review the patch/release notes for your product and version and verify the md5sum and/or the sha1sum of your downloaded file.

VMware Workstation 7.1.2


http://www.vmware.com/download/ws/ Release notes: http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html

Workstation for Windows 32-bit and 64-bit with VMware Tools
md5sum: 2e9715ec297dc3ca904ad2707d3e2614 sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a

Workstation for Windows 32-bit and 64-bit without VMware Tools
md5sum: 066929f59aef46f11f4d9fd6c6b36e4d sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3

VMware Player 3.1.2


http://www.vmware.com/download/player/ Release notes:

http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html

VMware Player for Windows 32-bit and 64-bit
md5sum: 3f289cb33af5e425c92d8512fb22a7ba sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70

VMware Player for Linux 32-bit
md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8 sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749

VMware Player for Linux 64-bit
md5sum: 2ab08e0d4050719845a64d334ca15bb1 sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c

VMware ACE Management Server 2.7.2


http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7 Release notes: http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html

ACE Management Server for Windows
md5sum: 02f0072b8e48a98ed914b633f070d550 sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4

  1. References

CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425


  1. Change log

2010-09-23 VMSA-2010-0014 Initial security advisory after release of Workstation 7.1.2, Player 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23


  1. Contact

E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

  • security-announce at lists.vmware.com
  • bugtraq at securityfocus.com
  • full-disclosure at lists.grok.org.uk

E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055

VMware Security Center http://www.vmware.com/security

VMware Security Advisories http://www.vmware.com/security/advisoiries

VMware security response policy http://www.vmware.com/support/policies/security_response.html

General support life cycle policy http://www.vmware.com/support/policies/eos.html

VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html

Copyright 2010 VMware Inc. All rights reserved.

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32)

iEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh eTgAoIAmx+ilbe2myj02daLjFrVQfQII =5jlh -----END PGP SIGNATURE----- .

Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

The updated packages have been patched to correct these issues.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205


Updated Packages:

Mandriva Linux 2008.0: a490385a7af091254460923d5b370281 2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm 0a24bbf70a2d0acfe67872e0c9d8f709 2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm 4606a9e929c6051e122b70ebe2e7bad4 2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm 694d03d2e8d3bcd07fc0684fd8a6b0c9 2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64: 4502fd5d882a47d409bfd0e0bc154c88 2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm 91b539a7a3a87d57c1ee1e33921aa787 2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm f0e202692b44e5ebd09168e307a1ad7b 2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm a5c685aa7aac15155af58211a576e08c 2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm da310f9645a322af4d2a97b9cf4592eb 2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm

Corporate 4.0: e224d113e77e285d85ff11c55dae9e50 corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm c0d62f11277442b0d7a909d0c1c53249 corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm 8ea7ca8ab7bbed8f2683698a3f493d56 corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm

Corporate 4.0/X86_64: a19c0839e78e5d16cc159621ff8e3786 corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm 68d1b5c5174f6de15eb1d68735e45e0f corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm d477b9271f6beba77435121f09dff09d corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm 76f958bdba2876ea2a36f42407aaa9dc corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm

Multi Network Firewall 2.0: 5fe2f05d45ebaac79c58e47429dedceb mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm 0ebace3f9758ea06e6471317f95b253f mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm 3aa8ba999455eb190979ec7f6f22421a mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm 1ceca3083b90247ac1d1b68b4bf08f33 mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm


To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2 M2vZq2Q3ZYYDuZssm6LfxaI= =dFcH -----END PGP SIGNATURE----- . =========================================================== Ubuntu Security Notice USN-913-1 March 16, 2010 libpng vulnerabilities CVE-2009-2042, CVE-2010-0205 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS: libpng12-0 1.2.8rel-5ubuntu0.5

Ubuntu 8.04 LTS: libpng12-0 1.2.15~beta5-3ubuntu0.2

Ubuntu 8.10: libpng12-0 1.2.27-1ubuntu0.2

Ubuntu 9.04: libpng12-0 1.2.27-2ubuntu2.1

Ubuntu 9.10: libpng12-0 1.2.37-1ubuntu0.1

After a standard system upgrade you need to reboot your computer to effect the necessary changes.

Details follow:

It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)

It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. (CVE-2010-0205)

Updated packages for Ubuntu 6.06 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz
  Size/MD5:    22337 fa254fcc4cb513e59eb9467abad87cca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc
  Size/MD5:      661 17f3956e31ccadfed0a3bfdc8f5f065a
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz
  Size/MD5:   510681 cac1512878fb98f2456df6dc50bc9bc7

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb
  Size/MD5:      842 a5ab55fb1b372c9ac93493fd699b276f

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb
  Size/MD5:   114374 1315864425b2dfaea123fe05118de0b0
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb
  Size/MD5:   247552 4acf10d5d173d06843cb1dc9b1b894fe
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb
  Size/MD5:    69464 1761fb1c524387b8aabd7bd3dccb2eda

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb
  Size/MD5:   111916 0043501424d2cee81d5f6229a2b3d166
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb
  Size/MD5:   239610 8422b7b137f09b49d27541a87251cce4
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb
  Size/MD5:    66948 a8e6db358ed472eb9f18d3b51aed1347

powerpc architecture (Apple Macintosh G3/G4/G5):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb
  Size/MD5:   111422 a0ea39141ce6319b057db22e9fcaf8d6
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb
  Size/MD5:   245142 d2d7ed0b8fa777fd58fe78345625a1e7
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb
  Size/MD5:    66386 f65de398bac540da7a25370999eb9643

sparc architecture (Sun SPARC/UltraSPARC):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb
  Size/MD5:   108988 5bad496a668c87614866fe1f04c8c17e
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb
  Size/MD5:   239972 b3cf4fc712ab063ababdefc5030ad07a
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb
  Size/MD5:    63832 148d28886ec7fdb3334196a762daad1c

Updated packages for Ubuntu 8.04 LTS:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz
  Size/MD5:    21048 9f9e2ce175afd0a41bfa613c8672a164
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc
  Size/MD5:      832 59b9f6994e1bef9b8f83561b70afda00
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz
  Size/MD5:   829038 77ca14fcee1f1f4daaaa28123bd0b22d

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb
  Size/MD5:      940 e6cfd9d151530dac9ef81148e1690e61

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb
  Size/MD5:   190022 6a7c0dfd7c8501f8628178b5b0eee0cd
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb
  Size/MD5:   179662 bc60e9256f650d385f0c1d175c14fe80
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb
  Size/MD5:    70430 a6782df5314e3c49137b1d3253c2c6b4

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb
  Size/MD5:   188650 0d4b87ea55d252a24bc74ebc4d748645
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb
  Size/MD5:   171178 9608ecb2bd7697bbf4510822a6c61e32
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb
  Size/MD5:    69094 f39b5e822f4da67599876c68904ecad1

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb
  Size/MD5:   189520 36f70d5b5d6cc10e89323efd72b3e061
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb
  Size/MD5:   172882 1b5a5a4d6198c0eb6b14dc89c5a9da19
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb
  Size/MD5:    69994 a3e824e57de27f7b7ed1b93ddd6f6917

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb
  Size/MD5:   190076 8ec2399126dc45cb9069588dec4f23ef
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb
  Size/MD5:   179070 3a16935d6ed3029b636f5a2277470659
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb
  Size/MD5:    70556 a2f68773735f91ca14c95fe374a56d7b

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb
  Size/MD5:   185426 8755e9f8c1be78dbe2de213d9666fd7f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb
  Size/MD5:   173332 f94ff6354e27bda2f21a8a542e77f274
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb
  Size/MD5:    65854 2631780a00ee2727264e6d0f477daa83

Updated packages for Ubuntu 8.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz
  Size/MD5:    19116 22de419d4a9203e183ccc14813b0d5e2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc
  Size/MD5:     1293 bd0ff3a04141fae88c8136f6f9ee63d4
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
  Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb
  Size/MD5:      934 cdd02e7c09b4bb61bd14670f155f81f4

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb
  Size/MD5:   168308 37a5c4970ffd3dc878026e66310bfecc
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb
  Size/MD5:   255526 df3e911f99e2d64d3246710e0dea9d49
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb
  Size/MD5:    72758 6a64efb6a07e32ddfe80bed566e110c8

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb
  Size/MD5:   166630 08a7389cb42e41ebba773ecdb9e347fe
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb
  Size/MD5:   247664 e39fbb64952529e977b335e308662782
http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb
  Size/MD5:    71014 9e5c717ed5d4e17d86caabb80221030d

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb
  Size/MD5:   167096 ed195852cc2b60cb0ddc9cccf87ed280
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb
  Size/MD5:   248616 dc85b020b9a129916f24618d3e27e684
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb
  Size/MD5:    71418 e60289ac791f78aae8eb5598a3eacb5a

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb
  Size/MD5:   167230 5f8b71b3a98b1645727f1f4ae534f960
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb
  Size/MD5:   254380 76ea57650fd01eb86a315ca0b73dcdca
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb
  Size/MD5:    71582 f9b8803343f2f61bf5f07b1fb4a25918

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb
  Size/MD5:   162222 445a3d3abb843e73fbf89fe0520ab664
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb
  Size/MD5:   248216 768f20b123d1b0c1c448b3b240245d5c
http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb
  Size/MD5:    66728 cf376eab6461fdee69f0bbde6d58dc53

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz
  Size/MD5:   174503 ffa63cd1b57dc442faff9a65d2f25ee7
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc
  Size/MD5:     1296 890ff19ff7b12aa90d0d38c0b1550055
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz
  Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb
  Size/MD5:      936 3dee09961304f1caf76db0995a027b95

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb
  Size/MD5:    72778 30622682dc700cba1101384ab84fe7ca
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb
  Size/MD5:   168382 4be6ce864bf04169baf7d4b656ea8e02
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb
  Size/MD5:   255620 730ed6a69006fa14753ef99f89664d31

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb
  Size/MD5:    71084 5a3cc8f7589fae49e91689d85476b193
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb
  Size/MD5:   166732 d674a5262197c091d9ca5b2370cff187
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb
  Size/MD5:   247744 644a3757529a46d3389e2db18a566f3d

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb
  Size/MD5:    71472 662aba7284b732240c2d7bff864eed12
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb
  Size/MD5:   167200 47dc03f91b37b73626e026cb7da28b15
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb
  Size/MD5:   248706 a01e8fe54d38f4101c6ad0f78eec4a7e

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb
  Size/MD5:    71564 96e3fb7342ab462db7a27fbd39a46649
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb
  Size/MD5:   167254 90e1cb3da8cc85953442611cf0faaed8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb
  Size/MD5:   254444 4b89c89e031c0d4265b1eb3da45f06e9

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb
  Size/MD5:    66646 ac9aa1a738ef8ed71bd8b876f1920098
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb
  Size/MD5:   162176 06a1b4ab47a39790da4e9b1e0967c1d2
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb
  Size/MD5:   248222 91cca4c40c4ce6ac41df52ea62e5008a

Updated packages for Ubuntu 9.10:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz
  Size/MD5:    18107 a9bf93cac21b17a3589193ae511b75d2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc
  Size/MD5:     1293 dc9a20f9a129ad150f61ec9bb745b039
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz
  Size/MD5:   805380 7480dbbf9f6c3297faf6fe52ec9b91ab

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb
  Size/MD5:      934 3d21bd9bf41fe210303474389cfeb0a8

amd64 architecture (Athlon64, Opteron, EM64T Xeon):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb
  Size/MD5:    73848 d436fc20150573d565017d9e29141484
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb
  Size/MD5:   174886 34607a76ee1ebdd82b5c71068e6e32b2
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb
  Size/MD5:   265214 f600588bdf4f00731d94ccd8bbc68455

i386 architecture (x86 compatible Intel/AMD):

http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb
  Size/MD5:    70382 7d93414ce0e28351b972605abae92cd1
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb
  Size/MD5:   171402 2b8f6f1c8e8300c3149c59d1fc107659
http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb
  Size/MD5:   255250 a033009f8d9a990655437c3d129668bf

lpia architecture (Low Power Intel Architecture):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb
  Size/MD5:    71012 d3df3a73bf61acb9f1d489a32b3b8a60
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb
  Size/MD5:   172126 1b94fcc470ba8878eace85240fae74cf
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb
  Size/MD5:   257172 3c3280435a2b7d1817b49cd4a3a14bef

powerpc architecture (Apple Macintosh G3/G4/G5):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb
  Size/MD5:    72402 e0b80daed7db7e00d2a921ed5708ffe8
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb
  Size/MD5:   173494 31c424c02fe594bb6cf9acd1bef1763f
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb
  Size/MD5:   264450 b0546250e1804b0d385bb8eb714cd2da

sparc architecture (Sun SPARC/UltraSPARC):

http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb
  Size/MD5:    67312 0df0d665eeb40343b9d5485910101786
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb
  Size/MD5:   168372 2a079837d6b9f47c41a02340c5d9e27c
http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb
  Size/MD5:   257434 05811c8ff658321e91078f280dacfbe7

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1


Debian Security Advisory DSA-2032-1 security@debian.org http://www.debian.org/security/ Giuseppe Iuculano April 11, 2010 http://www.debian.org/security/faq


Package : libpng Vulnerability : several Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2009-2042 CVE-2010-0205 Debian Bugs : 533676 572308

Several vulnerabilities have been discovered in libpng, a library for reading and writing PNG files. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2009-2042

libpng does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and might allow remote attackers to read portions of sensitive memory via "out-of-bounds pixels" in the file.

For the testing (squeeze) and unstable (sid) distribution, these problems have been fixed in version 1.2.43-1

We recommend that you upgrade your libpng package.

Upgrade instructions


wget url will fetch the file for you dpkg -i file.deb will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update will update the internal database apt-get upgrade will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 5.0 alias lenny


Debian (stable)


Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc Size/MD5 checksum: 1201 abe81b0d3c4aa7a1fa418e29f2c5b297 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz Size/MD5 checksum: 783204 13a0de401db1972a8e68f47d5bdadd13 http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz Size/MD5 checksum: 19687 60ede1843ceb8a1f127c54b847a74dfa

Architecture independent packages:

http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb Size/MD5 checksum: 880 028b00e28aad8282714776c5dcca64a8

alpha architecture (DEC Alpha)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb Size/MD5 checksum: 86562 d9c50af59951e972557d393409b75bf2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 287752 1d7d84aee223c0933d1a616722607096 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb Size/MD5 checksum: 182436 001ecbf421f70ca521a3968f1d14c874

amd64 architecture (AMD x86_64 (AMD64))

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb Size/MD5 checksum: 71912 78fbe1a6568671e4c557ec12e29481b0 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 254500 481312a64867f31c363b7fbba9cfe171 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb Size/MD5 checksum: 167864 3d285c20d2f080313f82eb09dcb7261b

arm architecture (ARM)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb Size/MD5 checksum: 64566 a4a9742190557d14beae40133fb46cf1 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 245438 a16f62e771622e05812172f7c7066504 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb Size/MD5 checksum: 159612 81facf06de458dd6b1e84a78bb1acfc8

armel architecture (ARM EABI)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb Size/MD5 checksum: 67028 56fc4199656d239231c7b8d8e035fead http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 245930 9f64181bc16af0ad0de4ba2e86b25706 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb Size/MD5 checksum: 162504 3129e1c2360fcba0309257e2b1dff8ca

hppa architecture (HP PA RISC)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb Size/MD5 checksum: 73858 9d5a53e3258b5149bee68a4d20067bf9 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 169602 12ddce05c84ef675c348a1e64f1a277c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb Size/MD5 checksum: 261788 9297cb916e57e2f912de3f16bcbae475

i386 architecture (Intel ia32)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 246968 083d472fd65f884c91dff5926e538342 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb Size/MD5 checksum: 165560 233945ee4b1e442357276431ce495a4c http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb Size/MD5 checksum: 70094 769336f4574678e56931e1a1eaf6be6a

ia64 architecture (Intel ia64)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 305324 42d7265034b84662467bb75456653787 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb Size/MD5 checksum: 111776 ad716022a6a22371bb83f3966ebe17d4 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb Size/MD5 checksum: 206866 572b9d18c5adba74a4e5b99714968a60

mipsel architecture (MIPS (Little Endian))

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 262242 e905771ac3fa905cc03a3ddc8f9872dd http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb Size/MD5 checksum: 68370 4d44877866357a0fd8474fd8fe183616 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb Size/MD5 checksum: 164154 93c02dbae7dfe59b77ce4b683b82eaef

powerpc architecture (PowerPC)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 166402 1d470464fe2b493aef8d95dde5fd95d8 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb Size/MD5 checksum: 70682 1dd9713672dbac4a7434f1f96a1184b5 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb Size/MD5 checksum: 253478 7a87577e07ed0bb9e759b973b2d7cf18

s390 architecture (IBM S/390)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb Size/MD5 checksum: 73470 52b1a911a81f133a83a387663aa3ffb2 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 252988 18b4c8b17b3e30ab6cce89c21c99fbfc http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb Size/MD5 checksum: 169264 601982b9a97707ab05e1f4469cd8e20e

sparc architecture (Sun SPARC/UltraSPARC)

http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 161562 facd643206903acfa3a503c1d69e9248 http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb Size/MD5 checksum: 66032 cbbe521a9a5629987603a57b8c9f35be http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb Size/MD5 checksum: 247212 76b8fe782fd0e5f7546bd535f8d442bc

These files will probably be moved into the stable distribution on its next update. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201003-1082",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "suse",
        "version": "9"
      },
      {
        "model": "libpng",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.2.43"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "9.04"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "13"
      },
      {
        "model": "mac os x",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "apple",
        "version": "10.6.5"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "11.1"
      },
      {
        "model": "libpng",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.0.0"
      },
      {
        "model": "libpng",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.4.1"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "8.04"
      },
      {
        "model": "libpng",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.2.0"
      },
      {
        "model": "linux enterprise server",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "suse",
        "version": "11"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "8.10"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "9.10"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "12"
      },
      {
        "model": "libpng",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.4.0"
      },
      {
        "model": "ubuntu linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "canonical",
        "version": "6.06"
      },
      {
        "model": "fedora",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "fedoraproject",
        "version": "11"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "11.0"
      },
      {
        "model": "libpng",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "libpng",
        "version": "1.0.53"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "opensuse",
        "version": "11.2"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "libpng",
        "version": "1.0.52"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "libpng",
        "version": "1.2.13"
      },
      {
        "model": "lunascape",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "lunascape",
        "version": "6"
      },
      {
        "model": "libpng",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "png group",
        "version": "1.4.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "2.5.x"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "3.1.x"
      },
      {
        "model": "server",
        "scope": null,
        "trust": 0.8,
        "vendor": "vmware",
        "version": null
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "6.5.x"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "vmware",
        "version": "7.1.x"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "mac os x",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.4"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.5.8"
      },
      {
        "model": "mac os x server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "apple",
        "version": "v10.6 to  v10.6.4"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "10"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "11 express"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "8"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "9"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3 (x86)"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3 (x86-64)"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "3.0 (x86-64)"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0 (x86-64)"
      },
      {
        "model": "pictbear",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "fenrir",
        "version": "2.01"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.8 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.8 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (server)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4.0"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5.0 (client)"
      },
      {
        "model": "rhel desktop workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "5 (client)"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.0.46"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.0.47"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.2.11"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.0.48"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.2.23"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.0.51"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "libpng",
        "version": "1.0.50"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.2"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.8126538"
      },
      {
        "model": "linux armel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.24"
      },
      {
        "model": "linux hppa",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "multi network firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "2.0"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4246459"
      },
      {
        "model": "linux enterprise sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.25"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.42"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.17"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.43"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.7"
      },
      {
        "model": "intuity audix",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "corporate server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.1"
      },
      {
        "model": "intuity audix lx r1.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.16"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0.2"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.18"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.8"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.580187"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "messaging storage server sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2203138"
      },
      {
        "model": "intuity audix lx sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "beta01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.27"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.2"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.7"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.3"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.13"
      },
      {
        "model": "intuity audix lx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "linux lts powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "libpng",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.4.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "hat enterprise linux desktop client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "5"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.4246459"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.1"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5118166"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "intuity audix lx sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "enterprise linux ws",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3"
      },
      {
        "model": "messaging storage server",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5118166"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.33"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.21"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "linux enterprise sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "solaris express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "11"
      },
      {
        "model": "enterprise linux es",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.4"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "0"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "libpng",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.43"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.6"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.8"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.20"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.36"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.9"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.14"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.691891"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "hat enterprise linux server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "5"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.10203137"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.4"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.6"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.12"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.32"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.1"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.8"
      },
      {
        "model": "message networking",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.27"
      },
      {
        "model": "linux lts sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "6.06"
      },
      {
        "model": "corporate server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "4.0"
      },
      {
        "model": "linux enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "10"
      },
      {
        "model": "linux enterprise sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.9"
      },
      {
        "model": "libpng",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.53"
      },
      {
        "model": "enterprise linux desktop version",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "4"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.6"
      },
      {
        "model": "linux enterprise",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "suse",
        "version": "11"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.3"
      },
      {
        "model": "player build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "3.1.2301548"
      },
      {
        "model": "solaris 10 sparc",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "mac os server",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.5"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.11"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "desktop",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3.0"
      },
      {
        "model": "rc1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.22"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1.1"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "aura system platform",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "enterprise linux desktop workstation client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.3185404"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "workstation build",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.1.2301548"
      },
      {
        "model": "linux alpha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.9156507"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.4"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.7108231"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.2"
      },
      {
        "model": "linux lts lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.04"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.5"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.3185404"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.10"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.34"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.18"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.1"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.7"
      },
      {
        "model": "server build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.0.1156745"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "message networking mn",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.10"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "1.0.2"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.42"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "7.1"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.4"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.16"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.5"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "beta01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.4"
      },
      {
        "model": "aura system manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "player",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.4"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.17"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "beta19",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.4"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0.3"
      },
      {
        "model": "solaris 10 x86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.10"
      },
      {
        "model": "linux lpia",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "workstation build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.2156735"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.0.15"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.5"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2008.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.35"
      },
      {
        "model": "intuity audix lx",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "2.0"
      },
      {
        "model": "workstation",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "6.5.3"
      },
      {
        "model": "solaris 9 x86",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.37"
      },
      {
        "model": "aura conferencing standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.2"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.8"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "solaris 9 sparc",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "aura system platform sp1.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2010.0"
      },
      {
        "model": "linux mipsel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "enterprise server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "player build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "vmware",
        "version": "2.5.2156735"
      },
      {
        "model": "messaging storage server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.0"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.5.2"
      },
      {
        "model": "linux mandrake",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.1"
      },
      {
        "model": "aura session manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "8.10"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "9.04"
      },
      {
        "model": "linux mandrake x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandriva",
        "version": "2009.0"
      },
      {
        "model": "hat enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "4"
      },
      {
        "model": "hat enterprise linux as",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "red",
        "version": "3"
      },
      {
        "model": "linux m68k",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.26"
      },
      {
        "model": "libpng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "libpng",
        "version": "1.2.19"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.3"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "5.0"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "38478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.0.53",
                "versionStartIncluding": "1.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.2.43",
                "versionStartIncluding": "1.2.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.4.1",
                "versionStartIncluding": "1.4.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.6.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Glenn Randers-Pehrson",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2010-0205",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2010-0205",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-42810",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULMON",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2010-0205",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "MEDIUM",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-0205",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#576029",
            "trust": 0.8,
            "value": "0.85"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-0205",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201003-024",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-42810",
            "trust": 0.1,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2010-0205",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a \"decompression bomb\" attack. libpng Has a specific PNG ( Portable Network Graphics ) There is a problem with the file processing. libpng Contains crafted auxiliary chunks PNG When processing files, a huge amount of memory CPU May use resources. For more information, PNG Development Group Security advisories and Defending Libpng Applications Against Decompression Bombs Please confirm.Disturbance of service operation by a remote third party (DoS) An attack may be carried out. The \u0027libpng\u0027 library is prone to a remote denial-of-service vulnerability. \nSuccessful exploits will allow an attacker to consume an excessive amount of CPU memory, denying service to legitimate users. \nSuccessful exploits will allow an attacker to obtain potentially sensitive information. \nVersions prior to libpng 1.4.1, 1.2.43, and 1.0.53 are vulnerable. This resource consumption may cause applications using the libpng library to hang. The PNG format uses efficient compression to store graphic data and some related data in an auxiliary database. The PNG specification does not limit the number of chunks, limiting their size to 2.147G (2,147,483,647 bytes). Similarly, the specification limits the width and height of graphics to 2.147 billion rows and 2.147 billion columns. Since the deflate compression method can very efficiently compress data streams consisting of repeated single bytes, small PNG files may occupy a large amount of memory when decompressed, forming a \\\"decompression bomb that exhausts all available memory. For example, for a zTXt block containing 50,000 lines each containing 100 letters Z, the compressed size is about 17k bytes, but the decompressed size is 5M, and the compression ratio is about 300:1. Libpng library uses inefficient memory acquisition method when expanding compressed zTXt, iTXt and iCCP auxiliary data blocks. About 50k malformed iCCP blocks contained in graphic files can be decompressed to 60M, which will hang the browser for about 20 Minutes, a well-crafted malicious block can also hang the browser for even longer, using up all available memory. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201010-01\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n  Severity: Normal\n     Title: Libpng: Multiple vulnerabilities\n      Date: October 05, 2010\n      Bugs: #307637, #324153, #335887\n        ID: 201010-01\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities in libpng might lead to privilege escalation\nor a Denial of Service. It is used by several programs, including web\nbrowsers and potentially server processes. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package            /  Vulnerable  /                    Unaffected\n    -------------------------------------------------------------------\n  1  media-libs/libpng       \u003c 1.4.3                          \u003e= 1.4.3\n\nDescription\n===========\n\nMultiple vulnerabilities were found in libpng:\n\n* The png_decompress_chunk() function in pngrutil.c does not properly\n  handle certain type of compressed data (CVE-2010-0205)\n\n* A buffer overflow in pngread.c when using progressive applications\n  (CVE-2010-1205)\n\n* A memory leak in pngrutil.c when dealing with a certain type of\n  chunks (CVE-2010-2249)\n\nImpact\n======\n\nAn attacker could exploit these vulnerabilities to cause programs\nlinked against the library to crash or execute arbitrary code with the\npermissions of the user running the vulnerable program, which could be\nthe root user. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll libpng users should upgrade to the latest version:\n\n    # emerge --sync\n    # emerge --ask --oneshot --verbose \"\u003e=media-libs/libpng-1.4.3\"\n\nReferences\n==========\n\n  [ 1 ] CVE-2010-0205\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n  [ 2 ] CVE-2010-1205\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n  [ 3 ] CVE-2010-2249\n        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n  http://security.gentoo.org/glsa/glsa-201010-01.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2010 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n                   VMware Security Advisory\n\nAdvisory ID:       VMSA-2010-0014\nSynopsis:          VMware Workstation, Player, and ACE address several\n                   security issues. \nIssue date:        2010-09-23\nUpdated on:        2010-09-23 (initial release of advisory)\nCVE numbers:       CVE-2010-3277 CVE-2010-1205 CVE-2010-0205\n                   CVE-2010-2249 CVE-2010-0434 CVE-2010-0425\n- ------------------------------------------------------------------------\n\n1. Summary\n\n   VMware Workstation and Player address a potential installer security\n   issue and security issues in libpng. VMware ACE Management Server\n   (AMS) for Windows updates Apache httpd. \n\n2. Relevant releases\n\n   VMware Workstation 7.1.1 and earlier,\n   VMware Player 3.1.1 and earlier,\n   VMware ACE Management Server 2.7.1 and earlier,\n\n   Note: VMware Server was declared End Of Availability on January 2010,\n         support will be limited to Technical Guidance for the duration\n         of the support term. \n\n3. Problem Description\n\n a. VMware Workstation and Player installer security issue\n\n    The Workstation 7.x and Player 3.x installers will load an index.htm\n    file located in the current working directory on which Workstation\n    7.x or Player 3.x is being installed. This may allow an attacker to\n    display a malicious file if they manage to get their file onto the\n    system prior to installation. \n\n    The issue can only be exploited at the time that Workstation 7.x or\n    Player 3.x is being installed. Installed versions of Workstation and\n    Player are not affected. The security issue is no longer present in\n    the installer of the new versions of Workstation 7.x and Player 3.x\n    (see table below for the version numbers). \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the name CVE-2010-3277 to this issue. \n\n    VMware would like to thank Alexander Trofimov and Marc Esher for\n    independently reporting this issue to VMware. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.x       any      7.1.2 build 301548 or later *\n    Workstation    6.5.x     any      not affected\n\n    Player         3.x       any      3.1.2 build 301548 or later *\n    Player         2.5.x     any      not affected\n\n    AMS            any       any      not affected\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n * Note: This only affects the installer, if you have a version of\n         Workstation or Player installed you are not vulnerable. \n\n\n b. Third party libpng updated to version 1.2.44\n\n    A buffer overflow condition in libpng is addressed that could\n    potentially lead to code execution with the privileges of the\n    application using libpng. Two potential denial of service issues\n    are also addressed in the update. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2010-1205, CVE-2010-0205, CVE-2010-2249\n    to these issues. \n\n    The following table lists what action remediates the vulnerability\n    (column 4) if a solution is available. \n\n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    7.1.x     any      7.1.2 build 301548 or later\n    Workstation    6.5.x     any      affected, patch pending\n\n    Player         3.1.x     any      3.1.2 build 301548 or later\n    Player         2.5.x     any      affected, patch pending\n\n    AMS            any       any      not affected\n\n    Server         any       any      affected, no patch planned\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n\n c. VMware ACE Management Server (AMS) for Windows updates Apache httpd\n    version 2.2.15. \n\n    A function in Apache HTTP Server when multithreaded MPM is used\n    does not properly handle headers in subrequests in certain\n    circumstances which may allow remote attackers to obtain sensitive\n    information via a crafted request that triggers access to memory\n    locations associated with an earlier request. \n\n    The Apache mod_isapi module can be forced to unload a specific\n    library before the processing of a request is complete, resulting\n    in memory corruption. This vulnerability may allow a remote\n    attacker to execute arbitrary code. \n\n    The Common Vulnerabilities and Exposures project (cve.mitre.org)\n    has assigned the names CVE-2010-0434 and CVE-2010-0425 to the\n    issues addressed in this update. \n\n    Column 4 of the following table lists the action required to\n    remediate the vulnerability in each release, if a solution is\n    available. \n\n    VMware         Product   Running  Replace with/\n    Product        Version   on       Apply Patch\n    =============  ========  =======  =================\n    VirtualCenter  any       Windows  not affected\n\n    Workstation    any       any      not affected\n\n    Player         any       any      not affected\n\n    AMS            any       Windows  2.7.2 build 301548 or later\n    AMS            any       Linux    affected, patch pending *\n\n    Server         any       any      not affected\n\n    Fusion         any       Mac OS/X not affected\n\n    ESXi           any       ESXi     not affected\n\n    ESX            any       ESX      not affected\n\n * Note CVE-2010-0425 is not applicable to AMS running on Linux\n\n4. Solution\n   Please review the patch/release notes for your product and version\n   and verify the md5sum and/or the sha1sum of your downloaded file. \n\n   VMware Workstation 7.1.2\n   ------------------------\n   http://www.vmware.com/download/ws/\n   Release notes:\n   http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html\n\n   Workstation for Windows 32-bit and 64-bit with VMware Tools\t\n   md5sum: 2e9715ec297dc3ca904ad2707d3e2614\n   sha1sum: 55b2b99f67c3dacd402fb9880999086efd264e7a\n\n   Workstation for Windows 32-bit and 64-bit without VMware Tools\t\n   md5sum: 066929f59aef46f11f4d9fd6c6b36e4d\n   sha1sum: def776a28ee1a21b1ad26e836ae868551fff6fc3\n\n   VMware Player 3.1.2\n   -------------------\n   http://www.vmware.com/download/player/\n   Release notes:\n\nhttp://downloads.vmware.com/support/player31/doc/releasenotes_player312.html\n\n   VMware Player for Windows 32-bit and 64-bit\t\n   md5sum: 3f289cb33af5e425c92d8512fb22a7ba\n   sha1sum: bf67240c1f410ebeb8dcb4f6d7371334bf9a6b70\n\n   VMware Player for Linux 32-bit\t\n   md5sum: 11e3e3e8753e1d9abbbb92c4e3c1dfe8\n   sha1sum: dd1dbcdb1f4654eefc11472b68934dcb69842749\n\n   VMware Player for Linux 64-bit\t\n   md5sum: 2ab08e0d4050719845a64d334ca15bb1\n   sha1sum: f024ad84ec831fce8667dfa9601851da5d9fa59c\n\n   VMware ACE Management Server 2.7.2\n   ----------------------------------\n   http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7\n   Release notes:\n   http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html\n\n   ACE Management Server for Windows\t\n   md5sum: 02f0072b8e48a98ed914b633f070d550\n   sha1sum: 94a68eac4a328d21a741879b9d063227c0dc1ce4\n\n5. References\n\n   CVE numbers\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3277\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1205\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2249\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0434\n   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425\n\n- ------------------------------------------------------------------------\n\n6. Change log\n\n2010-09-23  VMSA-2010-0014\nInitial security advisory after release of Workstation 7.1.2,\nPlayer 3.1.2 and ACE Management Server 2.7.2 on 2010-09-23\n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n  * security-announce at lists.vmware.com\n  * bugtraq at securityfocus.com\n  * full-disclosure at lists.grok.org.uk\n\nE-mail:  security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisoiries\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc.  All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.10 (MingW32)\n\niEYEARECAAYFAkycSrQACgkQS2KysvBH1xmT9wCfbBUS4GYrJohz+QMLYcoiFmSh\neTgAoIAmx+ilbe2myj02daLjFrVQfQII\n=5jlh\n-----END PGP SIGNATURE-----\n. \n \n Packages for 2008.0 are provided for Corporate Desktop 2008.0\n customers. \n \n The updated packages have been patched to correct these issues. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0205\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n a490385a7af091254460923d5b370281  2008.0/i586/libpng3-1.2.22-0.4mdv2008.0.i586.rpm\n 0a24bbf70a2d0acfe67872e0c9d8f709  2008.0/i586/libpng-devel-1.2.22-0.4mdv2008.0.i586.rpm\n 4606a9e929c6051e122b70ebe2e7bad4  2008.0/i586/libpng-source-1.2.22-0.4mdv2008.0.i586.rpm\n 694d03d2e8d3bcd07fc0684fd8a6b0c9  2008.0/i586/libpng-static-devel-1.2.22-0.4mdv2008.0.i586.rpm \n da310f9645a322af4d2a97b9cf4592eb  2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4502fd5d882a47d409bfd0e0bc154c88  2008.0/x86_64/lib64png3-1.2.22-0.4mdv2008.0.x86_64.rpm\n 91b539a7a3a87d57c1ee1e33921aa787  2008.0/x86_64/lib64png-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n f0e202692b44e5ebd09168e307a1ad7b  2008.0/x86_64/lib64png-static-devel-1.2.22-0.4mdv2008.0.x86_64.rpm\n a5c685aa7aac15155af58211a576e08c  2008.0/x86_64/libpng-source-1.2.22-0.4mdv2008.0.x86_64.rpm \n da310f9645a322af4d2a97b9cf4592eb  2008.0/SRPMS/libpng-1.2.22-0.4mdv2008.0.src.rpm\n\n Corporate 4.0:\n e224d113e77e285d85ff11c55dae9e50  corporate/4.0/i586/libpng3-1.2.8-1.7.20060mlcs4.i586.rpm\n c0d62f11277442b0d7a909d0c1c53249  corporate/4.0/i586/libpng3-devel-1.2.8-1.7.20060mlcs4.i586.rpm\n 8ea7ca8ab7bbed8f2683698a3f493d56  corporate/4.0/i586/libpng3-static-devel-1.2.8-1.7.20060mlcs4.i586.rpm \n 76f958bdba2876ea2a36f42407aaa9dc  corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n a19c0839e78e5d16cc159621ff8e3786  corporate/4.0/x86_64/lib64png3-1.2.8-1.7.20060mlcs4.x86_64.rpm\n 68d1b5c5174f6de15eb1d68735e45e0f  corporate/4.0/x86_64/lib64png3-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm\n d477b9271f6beba77435121f09dff09d  corporate/4.0/x86_64/lib64png3-static-devel-1.2.8-1.7.20060mlcs4.x86_64.rpm \n 76f958bdba2876ea2a36f42407aaa9dc  corporate/4.0/SRPMS/libpng-1.2.8-1.7.20060mlcs4.src.rpm\n\n Multi Network Firewall 2.0:\n 5fe2f05d45ebaac79c58e47429dedceb  mnf/2.0/i586/libpng3-1.2.5-10.12.M20mdk.i586.rpm\n 0ebace3f9758ea06e6471317f95b253f  mnf/2.0/i586/libpng3-devel-1.2.5-10.12.M20mdk.i586.rpm\n 3aa8ba999455eb190979ec7f6f22421a  mnf/2.0/i586/libpng3-static-devel-1.2.5-10.12.M20mdk.i586.rpm \n 1ceca3083b90247ac1d1b68b4bf08f33  mnf/2.0/SRPMS/libpng-1.2.5-10.12.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLp88BmqjQ0CJFipgRAl2vAKCNCYs8gf3lw0tqgRMM6WC87P6roQCfZMU2\nM2vZq2Q3ZYYDuZssm6LfxaI=\n=dFcH\n-----END PGP SIGNATURE-----\n. ===========================================================\nUbuntu Security Notice USN-913-1             March 16, 2010\nlibpng vulnerabilities\nCVE-2009-2042, CVE-2010-0205\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\nUbuntu 9.10\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n  libpng12-0                      1.2.8rel-5ubuntu0.5\n\nUbuntu 8.04 LTS:\n  libpng12-0                      1.2.15~beta5-3ubuntu0.2\n\nUbuntu 8.10:\n  libpng12-0                      1.2.27-1ubuntu0.2\n\nUbuntu 9.04:\n  libpng12-0                      1.2.27-2ubuntu2.1\n\nUbuntu 9.10:\n  libpng12-0                      1.2.37-1ubuntu0.1\n\nAfter a standard system upgrade you need to reboot your computer to effect\nthe necessary changes. \n\nDetails follow:\n\nIt was discovered that libpng did not properly initialize memory when\ndecoding certain 1-bit interlaced images. If a user or automated system\nwere tricked into processing crafted PNG images, an attacker could possibly\nuse this flaw to read sensitive information stored in memory. This issue\nonly affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. (CVE-2009-2042)\n\nIt was discovered that libpng did not properly handle certain excessively\ncompressed PNG images. If a user or automated system were tricked into\nprocessing a crafted PNG image, an attacker could possibly use this flaw to\nconsume all available resources, resulting in a denial of service. \n(CVE-2010-0205)\n\n\nUpdated packages for Ubuntu 6.06 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz\n      Size/MD5:    22337 fa254fcc4cb513e59eb9467abad87cca\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc\n      Size/MD5:      661 17f3956e31ccadfed0a3bfdc8f5f065a\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz\n      Size/MD5:   510681 cac1512878fb98f2456df6dc50bc9bc7\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb\n      Size/MD5:      842 a5ab55fb1b372c9ac93493fd699b276f\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb\n      Size/MD5:   114374 1315864425b2dfaea123fe05118de0b0\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb\n      Size/MD5:   247552 4acf10d5d173d06843cb1dc9b1b894fe\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb\n      Size/MD5:    69464 1761fb1c524387b8aabd7bd3dccb2eda\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb\n      Size/MD5:   111916 0043501424d2cee81d5f6229a2b3d166\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb\n      Size/MD5:   239610 8422b7b137f09b49d27541a87251cce4\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb\n      Size/MD5:    66948 a8e6db358ed472eb9f18d3b51aed1347\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb\n      Size/MD5:   111422 a0ea39141ce6319b057db22e9fcaf8d6\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb\n      Size/MD5:   245142 d2d7ed0b8fa777fd58fe78345625a1e7\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb\n      Size/MD5:    66386 f65de398bac540da7a25370999eb9643\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb\n      Size/MD5:   108988 5bad496a668c87614866fe1f04c8c17e\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb\n      Size/MD5:   239972 b3cf4fc712ab063ababdefc5030ad07a\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb\n      Size/MD5:    63832 148d28886ec7fdb3334196a762daad1c\n\nUpdated packages for Ubuntu 8.04 LTS:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz\n      Size/MD5:    21048 9f9e2ce175afd0a41bfa613c8672a164\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc\n      Size/MD5:      832 59b9f6994e1bef9b8f83561b70afda00\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz\n      Size/MD5:   829038 77ca14fcee1f1f4daaaa28123bd0b22d\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb\n      Size/MD5:      940 e6cfd9d151530dac9ef81148e1690e61\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb\n      Size/MD5:   190022 6a7c0dfd7c8501f8628178b5b0eee0cd\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb\n      Size/MD5:   179662 bc60e9256f650d385f0c1d175c14fe80\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb\n      Size/MD5:    70430 a6782df5314e3c49137b1d3253c2c6b4\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb\n      Size/MD5:   188650 0d4b87ea55d252a24bc74ebc4d748645\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb\n      Size/MD5:   171178 9608ecb2bd7697bbf4510822a6c61e32\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb\n      Size/MD5:    69094 f39b5e822f4da67599876c68904ecad1\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb\n      Size/MD5:   189520 36f70d5b5d6cc10e89323efd72b3e061\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb\n      Size/MD5:   172882 1b5a5a4d6198c0eb6b14dc89c5a9da19\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb\n      Size/MD5:    69994 a3e824e57de27f7b7ed1b93ddd6f6917\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n      Size/MD5:   190076 8ec2399126dc45cb9069588dec4f23ef\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb\n      Size/MD5:   179070 3a16935d6ed3029b636f5a2277470659\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb\n      Size/MD5:    70556 a2f68773735f91ca14c95fe374a56d7b\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb\n      Size/MD5:   185426 8755e9f8c1be78dbe2de213d9666fd7f\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb\n      Size/MD5:   173332 f94ff6354e27bda2f21a8a542e77f274\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb\n      Size/MD5:    65854 2631780a00ee2727264e6d0f477daa83\n\nUpdated packages for Ubuntu 8.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz\n      Size/MD5:    19116 22de419d4a9203e183ccc14813b0d5e2\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc\n      Size/MD5:     1293 bd0ff3a04141fae88c8136f6f9ee63d4\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n      Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb\n      Size/MD5:      934 cdd02e7c09b4bb61bd14670f155f81f4\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb\n      Size/MD5:   168308 37a5c4970ffd3dc878026e66310bfecc\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb\n      Size/MD5:   255526 df3e911f99e2d64d3246710e0dea9d49\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb\n      Size/MD5:    72758 6a64efb6a07e32ddfe80bed566e110c8\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb\n      Size/MD5:   166630 08a7389cb42e41ebba773ecdb9e347fe\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb\n      Size/MD5:   247664 e39fbb64952529e977b335e308662782\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb\n      Size/MD5:    71014 9e5c717ed5d4e17d86caabb80221030d\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb\n      Size/MD5:   167096 ed195852cc2b60cb0ddc9cccf87ed280\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb\n      Size/MD5:   248616 dc85b020b9a129916f24618d3e27e684\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb\n      Size/MD5:    71418 e60289ac791f78aae8eb5598a3eacb5a\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb\n      Size/MD5:   167230 5f8b71b3a98b1645727f1f4ae534f960\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb\n      Size/MD5:   254380 76ea57650fd01eb86a315ca0b73dcdca\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb\n      Size/MD5:    71582 f9b8803343f2f61bf5f07b1fb4a25918\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb\n      Size/MD5:   162222 445a3d3abb843e73fbf89fe0520ab664\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb\n      Size/MD5:   248216 768f20b123d1b0c1c448b3b240245d5c\n    http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb\n      Size/MD5:    66728 cf376eab6461fdee69f0bbde6d58dc53\n\nUpdated packages for Ubuntu 9.04:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz\n      Size/MD5:   174503 ffa63cd1b57dc442faff9a65d2f25ee7\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc\n      Size/MD5:     1296 890ff19ff7b12aa90d0d38c0b1550055\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n      Size/MD5:   783204 13a0de401db1972a8e68f47d5bdadd13\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb\n      Size/MD5:      936 3dee09961304f1caf76db0995a027b95\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb\n      Size/MD5:    72778 30622682dc700cba1101384ab84fe7ca\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb\n      Size/MD5:   168382 4be6ce864bf04169baf7d4b656ea8e02\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb\n      Size/MD5:   255620 730ed6a69006fa14753ef99f89664d31\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb\n      Size/MD5:    71084 5a3cc8f7589fae49e91689d85476b193\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb\n      Size/MD5:   166732 d674a5262197c091d9ca5b2370cff187\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb\n      Size/MD5:   247744 644a3757529a46d3389e2db18a566f3d\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb\n      Size/MD5:    71472 662aba7284b732240c2d7bff864eed12\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb\n      Size/MD5:   167200 47dc03f91b37b73626e026cb7da28b15\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb\n      Size/MD5:   248706 a01e8fe54d38f4101c6ad0f78eec4a7e\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb\n      Size/MD5:    71564 96e3fb7342ab462db7a27fbd39a46649\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb\n      Size/MD5:   167254 90e1cb3da8cc85953442611cf0faaed8\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb\n      Size/MD5:   254444 4b89c89e031c0d4265b1eb3da45f06e9\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb\n      Size/MD5:    66646 ac9aa1a738ef8ed71bd8b876f1920098\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb\n      Size/MD5:   162176 06a1b4ab47a39790da4e9b1e0967c1d2\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb\n      Size/MD5:   248222 91cca4c40c4ce6ac41df52ea62e5008a\n\nUpdated packages for Ubuntu 9.10:\n\n  Source archives:\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz\n      Size/MD5:    18107 a9bf93cac21b17a3589193ae511b75d2\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc\n      Size/MD5:     1293 dc9a20f9a129ad150f61ec9bb745b039\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz\n      Size/MD5:   805380 7480dbbf9f6c3297faf6fe52ec9b91ab\n\n  Architecture independent packages:\n\n    http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb\n      Size/MD5:      934 3d21bd9bf41fe210303474389cfeb0a8\n\n  amd64 architecture (Athlon64, Opteron, EM64T Xeon):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb\n      Size/MD5:    73848 d436fc20150573d565017d9e29141484\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb\n      Size/MD5:   174886 34607a76ee1ebdd82b5c71068e6e32b2\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb\n      Size/MD5:   265214 f600588bdf4f00731d94ccd8bbc68455\n\n  i386 architecture (x86 compatible Intel/AMD):\n\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb\n      Size/MD5:    70382 7d93414ce0e28351b972605abae92cd1\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb\n      Size/MD5:   171402 2b8f6f1c8e8300c3149c59d1fc107659\n    http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb\n      Size/MD5:   255250 a033009f8d9a990655437c3d129668bf\n\n  lpia architecture (Low Power Intel Architecture):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb\n      Size/MD5:    71012 d3df3a73bf61acb9f1d489a32b3b8a60\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb\n      Size/MD5:   172126 1b94fcc470ba8878eace85240fae74cf\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb\n      Size/MD5:   257172 3c3280435a2b7d1817b49cd4a3a14bef\n\n  powerpc architecture (Apple Macintosh G3/G4/G5):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb\n      Size/MD5:    72402 e0b80daed7db7e00d2a921ed5708ffe8\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb\n      Size/MD5:   173494 31c424c02fe594bb6cf9acd1bef1763f\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb\n      Size/MD5:   264450 b0546250e1804b0d385bb8eb714cd2da\n\n  sparc architecture (Sun SPARC/UltraSPARC):\n\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb\n      Size/MD5:    67312 0df0d665eeb40343b9d5485910101786\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb\n      Size/MD5:   168372 2a079837d6b9f47c41a02340c5d9e27c\n    http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb\n      Size/MD5:   257434 05811c8ff658321e91078f280dacfbe7\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2032-1                  security@debian.org\nhttp://www.debian.org/security/                        Giuseppe Iuculano\nApril 11, 2010                        http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage        : libpng\nVulnerability  : several\nProblem type   : local (remote)\nDebian-specific: no\nCVE Id(s)      : CVE-2009-2042 CVE-2010-0205\nDebian Bugs    : 533676 572308\n\n\nSeveral vulnerabilities have been discovered in libpng, a library for\nreading and writing PNG files. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2009-2042\n\nlibpng does not properly parse 1-bit interlaced images with width values\nthat are not divisible by 8, which causes libpng to include\nuninitialized bits in certain rows of a PNG file and might allow remote\nattackers to read portions of sensitive memory via \"out-of-bounds\npixels\" in the file. \n\nFor the testing (squeeze) and unstable (sid) distribution, these\nproblems have been fixed in version 1.2.43-1\n\nWe recommend that you upgrade your libpng package. \n\nUpgrade instructions\n- --------------------\n\nwget url\n        will fetch the file for you\ndpkg -i file.deb\n        will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n        will update the internal database\napt-get upgrade\n        will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc\n    Size/MD5 checksum:     1201 abe81b0d3c4aa7a1fa418e29f2c5b297\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz\n    Size/MD5 checksum:   783204 13a0de401db1972a8e68f47d5bdadd13\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz\n    Size/MD5 checksum:    19687 60ede1843ceb8a1f127c54b847a74dfa\n\nArchitecture independent packages:\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb\n    Size/MD5 checksum:      880 028b00e28aad8282714776c5dcca64a8\n\nalpha architecture (DEC Alpha)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb\n    Size/MD5 checksum:    86562 d9c50af59951e972557d393409b75bf2\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb\n    Size/MD5 checksum:   287752 1d7d84aee223c0933d1a616722607096\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb\n    Size/MD5 checksum:   182436 001ecbf421f70ca521a3968f1d14c874\n\namd64 architecture (AMD x86_64 (AMD64))\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb\n    Size/MD5 checksum:    71912 78fbe1a6568671e4c557ec12e29481b0\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb\n    Size/MD5 checksum:   254500 481312a64867f31c363b7fbba9cfe171\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb\n    Size/MD5 checksum:   167864 3d285c20d2f080313f82eb09dcb7261b\n\narm architecture (ARM)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb\n    Size/MD5 checksum:    64566 a4a9742190557d14beae40133fb46cf1\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb\n    Size/MD5 checksum:   245438 a16f62e771622e05812172f7c7066504\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb\n    Size/MD5 checksum:   159612 81facf06de458dd6b1e84a78bb1acfc8\n\narmel architecture (ARM EABI)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb\n    Size/MD5 checksum:    67028 56fc4199656d239231c7b8d8e035fead\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb\n    Size/MD5 checksum:   245930 9f64181bc16af0ad0de4ba2e86b25706\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb\n    Size/MD5 checksum:   162504 3129e1c2360fcba0309257e2b1dff8ca\n\nhppa architecture (HP PA RISC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb\n    Size/MD5 checksum:    73858 9d5a53e3258b5149bee68a4d20067bf9\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb\n    Size/MD5 checksum:   169602 12ddce05c84ef675c348a1e64f1a277c\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb\n    Size/MD5 checksum:   261788 9297cb916e57e2f912de3f16bcbae475\n\ni386 architecture (Intel ia32)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb\n    Size/MD5 checksum:   246968 083d472fd65f884c91dff5926e538342\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb\n    Size/MD5 checksum:   165560 233945ee4b1e442357276431ce495a4c\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb\n    Size/MD5 checksum:    70094 769336f4574678e56931e1a1eaf6be6a\n\nia64 architecture (Intel ia64)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb\n    Size/MD5 checksum:   305324 42d7265034b84662467bb75456653787\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb\n    Size/MD5 checksum:   111776 ad716022a6a22371bb83f3966ebe17d4\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb\n    Size/MD5 checksum:   206866 572b9d18c5adba74a4e5b99714968a60\n\nmipsel architecture (MIPS (Little Endian))\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb\n    Size/MD5 checksum:   262242 e905771ac3fa905cc03a3ddc8f9872dd\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb\n    Size/MD5 checksum:    68370 4d44877866357a0fd8474fd8fe183616\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb\n    Size/MD5 checksum:   164154 93c02dbae7dfe59b77ce4b683b82eaef\n\npowerpc architecture (PowerPC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb\n    Size/MD5 checksum:   166402 1d470464fe2b493aef8d95dde5fd95d8\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb\n    Size/MD5 checksum:    70682 1dd9713672dbac4a7434f1f96a1184b5\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb\n    Size/MD5 checksum:   253478 7a87577e07ed0bb9e759b973b2d7cf18\n\ns390 architecture (IBM S/390)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb\n    Size/MD5 checksum:    73470 52b1a911a81f133a83a387663aa3ffb2\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb\n    Size/MD5 checksum:   252988 18b4c8b17b3e30ab6cce89c21c99fbfc\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb\n    Size/MD5 checksum:   169264 601982b9a97707ab05e1f4469cd8e20e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb\n    Size/MD5 checksum:   161562 facd643206903acfa3a503c1d69e9248\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb\n    Size/MD5 checksum:    66032 cbbe521a9a5629987603a57b8c9f35be\n  http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb\n    Size/MD5 checksum:   247212 76b8fe782fd0e5f7546bd535f8d442bc\n\n\n  These files will probably be moved into the stable distribution on\n  its next update. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      },
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "BID",
        "id": "38478"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "PACKETSTORM",
        "id": "94522"
      },
      {
        "db": "PACKETSTORM",
        "id": "94244"
      },
      {
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "db": "PACKETSTORM",
        "id": "87557"
      },
      {
        "db": "PACKETSTORM",
        "id": "87345"
      },
      {
        "db": "PACKETSTORM",
        "id": "88286"
      }
    ],
    "trust": 3.33
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-42810",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#576029",
        "trust": 3.7
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "38478",
        "trust": 2.9
      },
      {
        "db": "SECUNIA",
        "id": "38774",
        "trust": 2.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0517",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "39251",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "41574",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "62670",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1023674",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0667",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-2491",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0626",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0686",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-1107",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0682",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0605",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0637",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0847",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024",
        "trust": 0.7
      },
      {
        "db": "PACKETSTORM",
        "id": "94522",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "87569",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0847",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/1107",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0667",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0605",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/2491",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0626",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0517",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0686",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0682",
        "trust": 0.1
      },
      {
        "db": "VUPEN",
        "id": "2010/0637",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "94244",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "87557",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "87345",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "88286",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "BID",
        "id": "38478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "PACKETSTORM",
        "id": "94522"
      },
      {
        "db": "PACKETSTORM",
        "id": "94244"
      },
      {
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "db": "PACKETSTORM",
        "id": "87557"
      },
      {
        "db": "PACKETSTORM",
        "id": "87345"
      },
      {
        "db": "PACKETSTORM",
        "id": "88286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "id": "VAR-201003-1082",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T21:04:41.162000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HT4435",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4435"
      },
      {
        "title": "HT4435",
        "trust": 0.8,
        "url": "http://support.apple.com/kb/ht4435?viewlocale=ja_jp"
      },
      {
        "title": "libpng-1.2.10-7.1.3.0.1.AXS3",
        "trust": 0.8,
        "url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=1210"
      },
      {
        "title": "Security Advisory for libpng-1.4.0 and earlier, 27 February 2010",
        "trust": 0.8,
        "url": "http://libpng.sourceforge.net/advisory-1.4.1.html"
      },
      {
        "title": "Defending Libpng Applications Against Decompression Bombs",
        "trust": 0.8,
        "url": "http://libpng.sourceforge.net/decompression_bombs.html"
      },
      {
        "title": "\u3010JVN \u306b\u63b2\u8f09\u3055\u308c\u305f\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3011",
        "trust": 0.8,
        "url": "http://ja.bbs.luna.tv/viewtopic.php?f=68\u0026t=3721"
      },
      {
        "title": "2078",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2078"
      },
      {
        "title": "2079",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/index.php?q=node/99\u0026errata_id=2079"
      },
      {
        "title": "RHSA-2010:0534",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2010-0534.html"
      },
      {
        "title": "multiple_vulnerabilities_in_libpng",
        "trust": 0.8,
        "url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_libpng"
      },
      {
        "title": "VMSA-2010-0014",
        "trust": 0.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
      },
      {
        "title": "pictbear",
        "trust": 0.8,
        "url": "http://www.fenrir.co.jp/pictbear/"
      },
      {
        "title": "libpng-1.4.1.tar.bz2",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=214"
      },
      {
        "title": "lpng141.zip",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=218"
      },
      {
        "title": "lpng141.7z",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=217"
      },
      {
        "title": "libpng-1.4.1.tar.xz",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=216"
      },
      {
        "title": "libpng-1.4.1.tar.gz",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=215"
      },
      {
        "title": "linpng_txt.zip",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=219"
      },
      {
        "title": "Debian CVElist Bug Report Logs: CVE-2010-0205 VU#576029 libpng stalls on highly compressed ancillary chunks",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=068ed551f848e5205f1c655154c5d17e"
      },
      {
        "title": "Debian CVElist Bug Report Logs: libpng: CVE-2009-2042 \"out-of-bounds pixels\" vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=5f5cf6ccf38dd0426354a95830317f34"
      },
      {
        "title": "Debian Security Advisories: DSA-2032-1 libpng -- several vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=7efe228231e53c876f6e76ff8b041bb6"
      },
      {
        "title": "Ubuntu Security Notice: libpng vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-913-1"
      },
      {
        "title": "VMware Security Advisories: VMware Workstation, Player, and ACE address several security issues.",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=b3571bd7da36d47dd9d3066ad9612f4c"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-400",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://www.kb.cert.org/vuls/id/576029"
      },
      {
        "trust": 2.9,
        "url": "http://libpng.sourceforge.net/advisory-1.4.1.html"
      },
      {
        "trust": 2.6,
        "url": "http://libpng.sourceforge.net/decompression_bombs.html"
      },
      {
        "trust": 2.6,
        "url": "http://www.securityfocus.com/bid/38478"
      },
      {
        "trust": 2.6,
        "url": "http://secunia.com/advisories/38774"
      },
      {
        "trust": 2.6,
        "url": "http://www.vupen.com/english/advisories/2010/0517"
      },
      {
        "trust": 1.8,
        "url": "http://lists.apple.com/archives/security-announce/2010//nov/msg00000.html"
      },
      {
        "trust": 1.8,
        "url": "http://support.apple.com/kb/ht4435"
      },
      {
        "trust": 1.8,
        "url": "http://www.vmware.com/security/advisories/vmsa-2010-0014.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.debian.org/security/2010/dsa-2032"
      },
      {
        "trust": 1.8,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037237.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037355.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037364.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-march/037607.html"
      },
      {
        "trust": 1.8,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:063"
      },
      {
        "trust": 1.8,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2010:064"
      },
      {
        "trust": 1.8,
        "url": "http://lists.vmware.com/pipermail/security-announce/2010/000105.html"
      },
      {
        "trust": 1.8,
        "url": "http://osvdb.org/62670"
      },
      {
        "trust": 1.8,
        "url": "http://www.securitytracker.com/id?1023674"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/39251"
      },
      {
        "trust": 1.8,
        "url": "http://secunia.com/advisories/41574"
      },
      {
        "trust": 1.8,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00001.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"
      },
      {
        "trust": 1.8,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
      },
      {
        "trust": 1.8,
        "url": "http://ubuntu.com/usn/usn-913-1"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0605"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0626"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0637"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0667"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0682"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0686"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0847"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/1107"
      },
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/2491"
      },
      {
        "trust": 1.8,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56661"
      },
      {
        "trust": 1.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0205"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu331391"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu576029/"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0205"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0205"
      },
      {
        "trust": 0.3,
        "url": "http://www.libpng.org/pub/png/libpng.html"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_libpng"
      },
      {
        "trust": 0.3,
        "url": "http://support.avaya.com/css/p8/documents/100108439"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2042"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2249"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1205"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2249"
      },
      {
        "trust": 0.2,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1205"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.2,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/400.html"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572308"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/913-1/"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201010-01.xml"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security/advisoiries"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0434"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0425"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3277"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/player/"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/security"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/d/info/desktop_downloads/vmware_ace/2_7"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3277"
      },
      {
        "trust": 0.1,
        "url": "http://kb.vmware.com/kb/1055"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0434"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/download/ws/"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0425"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ws71/doc/releasenotes_ws712.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/security_response.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/player31/doc/releasenotes_player312.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos.html"
      },
      {
        "trust": 0.1,
        "url": "http://downloads.vmware.com/support/ace27/doc/releasenotes_ace272.html"
      },
      {
        "trust": 0.1,
        "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
      },
      {
        "trust": 0.1,
        "url": "http://www.vmware.com/support/policies/eos_vi.html"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2042"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_lpia.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-2ubuntu2.1_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_lpia.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.8rel-5ubuntu0.5_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_lpia.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.15~beta5-3ubuntu0.2.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-2ubuntu2.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.27-1ubuntu0.2_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.8rel-5ubuntu0.5_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.15~beta5-3ubuntu0.2_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.37-1ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.37-1ubuntu0.1.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_lpia.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.27-1ubuntu0.2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.15~beta5-3ubuntu0.2_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel-5ubuntu0.5.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.8rel.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-2ubuntu2.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng3_1.2.37-1ubuntu0.1_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng_1.2.27-1ubuntu0.2.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.15~beta5-3ubuntu0.2_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_lpia.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/universe/libp/libpng/libpng12-0-udeb_1.2.8rel-5ubuntu0.5_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-1ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.8rel-5ubuntu0.5_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0_1.2.27-2ubuntu2.1_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.37-1ubuntu0.1_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-dev_1.2.37-1ubuntu0.1_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-dev_1.2.27-1ubuntu0.2_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.ubuntu.com/ubuntu/pool/main/libp/libpng/libpng12-0-udeb_1.2.27-2ubuntu2.1_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://ports.ubuntu.com/pool/main/libp/libpng/libpng12-0_1.2.15~beta5-3ubuntu0.2_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.diff.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_amd64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/faq"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_mipsel.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng3_1.2.27-2+lenny3_all.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_i386.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_hppa.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_mipsel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_ia64.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_sparc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_powerpc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_amd64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_hppa.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/full-disclosure-charter.html"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_i386.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_sparc.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_alpha.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_s390.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27-2+lenny3.dsc"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_powerpc.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng_1.2.27.orig.tar.gz"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_ia64.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_alpha.deb"
      },
      {
        "trust": 0.1,
        "url": "http://packages.debian.org/\u003cpkg\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_arm.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_armel.deb"
      },
      {
        "trust": 0.1,
        "url": "http://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-dev_1.2.27-2+lenny3_arm.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0-udeb_1.2.27-2+lenny3_armel.udeb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_s390.deb"
      },
      {
        "trust": 0.1,
        "url": "http://security.debian.org/pool/updates/main/libp/libpng/libpng12-0_1.2.27-2+lenny3_hppa.deb"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "BID",
        "id": "38478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "PACKETSTORM",
        "id": "94522"
      },
      {
        "db": "PACKETSTORM",
        "id": "94244"
      },
      {
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "db": "PACKETSTORM",
        "id": "87557"
      },
      {
        "db": "PACKETSTORM",
        "id": "87345"
      },
      {
        "db": "PACKETSTORM",
        "id": "88286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "db": "BID",
        "id": "38478"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "db": "PACKETSTORM",
        "id": "94522"
      },
      {
        "db": "PACKETSTORM",
        "id": "94244"
      },
      {
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "db": "PACKETSTORM",
        "id": "87557"
      },
      {
        "db": "PACKETSTORM",
        "id": "87345"
      },
      {
        "db": "PACKETSTORM",
        "id": "88286"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-03-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "date": "2010-03-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "date": "2010-03-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "date": "2010-03-02T00:00:00",
        "db": "BID",
        "id": "38478"
      },
      {
        "date": "2010-03-17T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "date": "2010-10-05T22:16:57",
        "db": "PACKETSTORM",
        "id": "94522"
      },
      {
        "date": "2010-09-25T18:50:30",
        "db": "PACKETSTORM",
        "id": "94244"
      },
      {
        "date": "2010-03-23T23:16:59",
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "date": "2010-03-23T22:20:24",
        "db": "PACKETSTORM",
        "id": "87557"
      },
      {
        "date": "2010-03-17T00:04:21",
        "db": "PACKETSTORM",
        "id": "87345"
      },
      {
        "date": "2010-04-13T00:25:27",
        "db": "PACKETSTORM",
        "id": "88286"
      },
      {
        "date": "2010-03-03T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "date": "2010-03-03T19:30:00.493000",
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-03-02T00:00:00",
        "db": "CERT/CC",
        "id": "VU#576029"
      },
      {
        "date": "2020-08-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42810"
      },
      {
        "date": "2020-08-07T00:00:00",
        "db": "VULMON",
        "id": "CVE-2010-0205"
      },
      {
        "date": "2015-04-13T20:16:00",
        "db": "BID",
        "id": "38478"
      },
      {
        "date": "2012-03-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-001158"
      },
      {
        "date": "2020-08-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      },
      {
        "date": "2020-08-07T13:26:06.807000",
        "db": "NVD",
        "id": "CVE-2010-0205"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "87569"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "libpng stalls on highly compressed ancillary chunks",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#576029"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201003-024"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.