Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zlib Security Flaw Could Cause Widespread Trouble

Posted by timothy on from the all-over-the-place dept.

BlueSharpieOfDoom writes "Whitedust has an interesting article posted about the new zlib buffer overflow. It affects countless software applications, even on Microsoft Windows. Some of the most affected application are those that are able to use the PNG graphic format, as zlib is wildely used in compression of PNG images. Zlib was also in the news in 2002 because of a flaw found in the way it handled memory allocation. The new hole could allow remote attackers to crash the vulnerable program or even the possiblity of executing arbitrary code."

4 of 372 comments (clear)

  1. Check out Microsoft's misdeeds by Anonymous Coward · · Score: -1, Offtopic

    http://malfeasance.50megs.com/

  2. Re:Modularised code will always have this problem. by Anonymous Coward · · Score: -1, Offtopic

    He didn't say he didn't like Visual C++ jackass... he was giving an explanation of why he though the parent was modded troll.

  3. Re:Modularised code will always have this problem. by Anonymous Coward · · Score: -1, Offtopic

    > attack troll with sword

  4. Do we really need to be connected 24/7 by tjstork · · Score: -1, Offtopic

    It seems like we give up an aweful lot to be connected the internet 24/7. What's really the benefit? Unattended application updates? Yep, we're getting plenty of those alright.

    Really, consumers do need to be running on the internet 24/7, regardless of how nouveau chi chi it is. The most secure thing would be to actually drop the underlying network connection unless a user is making a request. You know, just shut down the drivers.

    --
    This is my sig.