Image flaw pierces PC security

By Robert Lemos
Posted on ZDNet News: Aug 5, 2004 10:06:00 PM

Six vulnerabilities in a common code that handles an open-source image format could allow intruders to compromise computers running Linux and may allow attacks against Windows PCs as well as Macs running OS X.

The security issues appear in a library supporting the portable network graphics (PNG) format, used widely by programs such as the Mozilla and Opera browsers and various e-mail clients. The most critical issue, a memory problem known as a buffer overflow, could allow specially created PNG graphics to execute a malicious program when the application loads the image.

Among the programs that use libPNG and are likely to be affected by the flaws are the Mail application on Apple Computer's Mac OS X, the Opera and Internet Explorer browsers on Windows, and the Mozilla and Netscape browsers on Solaris, according to independent security researcher Chris Evans, who discovered the issues. Apple and Microsoft could not immediately be reached for comment. Evans did not test every platform to check which vulnerabilities work, he said.

The most critical vulnerability crashed two open-source browsers, Evans said. "A scarier possibility is targeted exploitation by e-mailing a nasty PNG to someone who uses a graphical e-mail client to decode" images, he added.

The Mozilla Foundation, the group that manages development of the Mozilla and Firefox browsers and the Thunderbird e-mail client, patched the flaws Wednesday, the same day news of the vulnerabilities was made public. Microsoft continues to study the issue, a representative of the software giant said late Thursday.

"Microsoft has not been made aware of any active exploits of the reported vulnerability or customer impact at this time, but is aggressively investigating the public reports," the representative said.

Both Microsoft and Linux have previously had security issues stemming from the PNG format. Eighteen months ago, Microsoft labeled as critical a flaw in how Internet Explorer handled PNG images. More than two years ago, a compression format flaw in Linux allowed PNG images, among other types of data, to crash programs running on the operating system.

A patched version of the PNG library, known as libPNG, can be downloaded from Linux operating-system sellers and the PNG Web site.

Security information service Secunia gave the vulnerabilities its second-highest rating, highly critical, and warned computer users to watch out.

"The vulnerabilities can be exploited by tricking a computer user into visiting a malicious Web site or viewing an e-mail with an affected application linked to libpng," Secunia stated in its advisory on the problems.

The U.S. Computer Emergency Readiness Team, the nation's official computer threat watchdog, released an advisory on the PNG issue on Tuesday and advised companies and individuals to update their systems.

SponsoredWhite Papers, Webcasts, and Downloads

Finally, an easier way for Small and Mid-Sized Companies to Run Their Business Applications: IBM Smart Business IBM From the PC to the Internet to every piece of hardware and software in ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Thinking of virtualizing the servers at your company? Use this step-by-step guide to determine when's the best time to make your big move. Download Now
Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now

Talkback
Most Recent of 50 Talkback(s)

Thread View
Flat View

Opera doesn't use libpng.: According to http://groups.google.it/groups?hl=en&lr=&ie=UTF-8&th=19fd283f01757f7b&rnum=6
... (Read the rest); Posted by: Robert Carnegie Posted on: 08/09/04 You are currently: a Guest | Log in | Terms of Use

At least this is posted after the fact the exploit has a fix.. Monkey_MCSE | 08/05/04

And that helps how? No_Ax_to_Grind | 08/05/04

Consultants who find it, give the companies time.. Monkey_MCSE | 08/05/04

Run along Bitty.. FreeBSD | 08/06/04

not a good thing... ryusen | 08/05/04

rough guess seosamh_z | 08/05/04

someone please explain Squawkbox | 08/05/04

The scum of the earth would find a way... BitTwiddler | 08/06/04

to all ryusen | 08/06/04

Advanced code and compilers. pj-xmesh | 08/06/04

Extremely Simple. . . boomslang_z | 08/07/04

Seems the problem is easier to fix in Linux toomuchgreeatea@... | 08/05/04

Funny PA-ITGuy | 08/06/04

MS Bashed for DLL_Hell not DLL zen_dogen | 08/06/04

No argument from me PA-ITGuy | 08/06/04

"Have RPMs yet" FreeBSD | 08/06/04

Try Gentoo Yagotta B. Kidding | 08/06/04

Gentoo and Debian Linux User 147560 | 08/06/04

the problem here is... ryusen | 08/06/04

Yes theKid_z | 08/06/04

here lies the real problem. FreeBSD | 08/06/04

FOSS fixed, still waiting on Windows Seething Ganglia | 08/06/04

Fixed in WinXP SP3...in 2008 Xunil_Sierutuf | 08/06/04

Does the flaw even exist in Windows? PA-ITGuy | 08/06/04

Leave the comedy to Mike Cox.. Xunil_Sierutuf | 08/06/04

(NT)Waiting on Windows to do what? toadlife | 08/08/04

Does it affect Solaris, FreeBSD, OS/2 or such FilledOut | 08/06/04

Pretty good possibility... Linux User 147560 | 08/06/04

Not Solaris on U3. Outside T. Box | 08/06/04

Anything Constructive? BXLE | 08/06/04

Constructive - Boring, Obvious zen_dogen | 08/06/04

This has not been targeted Linux User 147560 | 08/06/04

thank you for saying that.. ryusen | 08/06/04

Finally, and exploit that we can't bash Microsoft on..! Xunil_Sierutuf | 08/06/04

Guess you missed it. startiger | 08/06/04

Woohooo! Take that M$hills! Xunil_Sierutuf | 08/06/04

I'd have to say no companies lost face in this one Monkey_MCSE | 08/06/04

Wow! that's the most level headed post I've read. startiger | 08/06/04

ummm you're not allowed to compliment people here.. Monkey_MCSE | 08/06/04

Nothing new bugmenot00 | 08/06/04

why would images V Sanders | 08/06/04

It's not the image that's weak george_ou | 08/06/04

No hidden functionality. . . boomslang_z | 08/07/04

Monoculture Yagotta B. Kidding | 08/06/04

Glad you mentioned........ pj-xmesh | 08/06/04

i don't have a clue what you just said... Monkey_MCSE | 08/06/04

Those Blasted........ pj-xmesh | 08/06/04

we prefer to cloud facts here on talkbacks... Monkey_MCSE | 08/06/04

CORRECTION: Make that Newcastles all around(NT) Monkey_MCSE | 08/06/04

Opera doesn't use libpng. Robert Carnegie | 08/09/04

What do you think?

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

White Papers, Webcasts, and Downloads

Finally, an easier way for Small and Mid-Sized Companies to Run Their Business Applications: IBM Smart Business IBM From the PC to the Internet to every piece of hardware and software in ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Thinking of virtualizing the servers at your company? Use this step-by-step guide to determine when's the best time to make your big move. Download Now
Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now

Meet Doc

Here to help you with your Document Management Needs
Doc is an enigma. Born to a Russian ballerina and a German electrical engineer, he grew up in various locations in the United States. He’s seen the insides of more brands, versions, and generations of printer and printer-related hardware than almost anyone.
To learn more about this mysterious figure check out his blog on ZDNet and his Workspace on TechRepublic. You’ll be glad you did.
Produced by
ZDNet and

SponsoredWhite Papers, Webcasts, and Downloads

What do you think?

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

White Papers, Webcasts, and Downloads

Meet Doc

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads