Slashdot Mirror

← Back to Stories (view on slashdot.org)

CERT Warns Of Multiple Vulnerabilities In Libpng

Posted by simoniker on Wednesday August 4, 2004 @08:34PM from the puh-nug-guh dept.

jefftp writes "CERT announced today that there are several vulnerabilities in libpng, one is a buffer overflow which could potentially cause a PNG image file to execute arbitrary code. Libpng release 1.2.6rc1 addresses the problems covered by this CERT announcement, and can be obtained from the libpng Sourceforge project. A fully tested version is to be released in the next few weeks."

2 of 259 comments (clear)

Min score:

Reason:

Sort:

Re:php ! by dolmen.fr · 2004-08-04 21:11 · Score: 3, Insightful

The article is about PNG, not PHP.

Of course, but this means that free PHP hosting services are at risk, as some malicious users will try to exploit this flaw on the server side.
Re:Gentoo by AliasTheRoot · 2004-08-04 21:56 · Score: 3, Insightful

just ignore advocates, they'll go away eventually :)

gentoo is good for me, i don't think it's good for everyone - but i'm not everyone, i'm me.

my wife and my mother both use win2k and thats whats good for them, i help them out with patches and suchlike but neither of them really want to care about having gcc or whatever installed.

like i said, it's all about choice.