6.8
MEDIUM
CVE-2009-0040
Libpng Denial of Service and Remote Code Execution Vulnerability
Description

The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file that triggers a free of an uninitialized pointer in (1) the png_read_png function, (2) pCAL chunk handling, or (3) setup of 16-bit gamma tables.

INFO

Published Date :

Feb. 22, 2009, 10:30 p.m.

Last Modified :

Nov. 21, 2024, 12:58 a.m.

Remotely Exploitable :

Yes !

Impact Score :

6.4

Exploitability Score :

8.6
Affected Products

The following products are affected by CVE-2009-0040 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Suse linux_enterprise_server
2 Suse linux_enterprise_desktop
3 Suse linux_enterprise
1 Apple mac_os_x
2 Apple iphone_os
1 Fedoraproject fedora
1 Debian debian_linux
1 Libpng libpng
1 Opensuse opensuse
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2009-0040.

URL Resource
ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt Broken Link Vendor Advisory
http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt Product
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html Mailing List
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Mailing List
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html Mailing List
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Broken Link Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html Mailing List
http://lists.vmware.com/pipermail/security-announce/2009/000062.html Broken Link
http://secunia.com/advisories/33970 Broken Link Vendor Advisory
http://secunia.com/advisories/33976 Broken Link Vendor Advisory
http://secunia.com/advisories/34137 Broken Link
http://secunia.com/advisories/34140 Broken Link
http://secunia.com/advisories/34143 Broken Link
http://secunia.com/advisories/34145 Broken Link
http://secunia.com/advisories/34152 Broken Link
http://secunia.com/advisories/34210 Broken Link
http://secunia.com/advisories/34265 Broken Link
http://secunia.com/advisories/34272 Broken Link
http://secunia.com/advisories/34320 Broken Link
http://secunia.com/advisories/34324 Broken Link
http://secunia.com/advisories/34388 Broken Link
http://secunia.com/advisories/34462 Broken Link
http://secunia.com/advisories/34464 Broken Link
http://secunia.com/advisories/35074 Broken Link
http://secunia.com/advisories/35258 Broken Link
http://secunia.com/advisories/35302 Broken Link
http://secunia.com/advisories/35379 Broken Link
http://secunia.com/advisories/35386 Broken Link
http://secunia.com/advisories/36096 Broken Link
http://security.gentoo.org/glsa/glsa-200903-28.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xml Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 Mailing List
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952 Mailing List
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com Broken Link
http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 Broken Link
http://support.apple.com/kb/HT3549 Third Party Advisory
http://support.apple.com/kb/HT3613 Third Party Advisory
http://support.apple.com/kb/HT3639 Third Party Advisory
http://support.apple.com/kb/HT3757 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm Broken Link
http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document Broken Link
http://wiki.rpath.com/Advisories:rPSA-2009-0046 Broken Link
http://www.debian.org/security/2009/dsa-1750 Mailing List
http://www.debian.org/security/2009/dsa-1830 Mailing List
http://www.kb.cert.org/vuls/id/649212 Broken Link Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:051 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0315.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0325.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0333.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0340.html Broken Link
http://www.securityfocus.com/archive/1/501767/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/503912/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/505990/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33827 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33990 Broken Link Third Party Advisory VDB Entry
http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory US Government Resource
http://www.us-cert.gov/cas/techalerts/TA09-218A.html Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2009-0007.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/0469 Broken Link
http://www.vupen.com/english/advisories/2009/0473 Broken Link
http://www.vupen.com/english/advisories/2009/0632 Broken Link
http://www.vupen.com/english/advisories/2009/1297 Broken Link
http://www.vupen.com/english/advisories/2009/1451 Broken Link
http://www.vupen.com/english/advisories/2009/1462 Broken Link
http://www.vupen.com/english/advisories/2009/1522 Broken Link
http://www.vupen.com/english/advisories/2009/1560 Broken Link
http://www.vupen.com/english/advisories/2009/1621 Broken Link
http://www.vupen.com/english/advisories/2009/2172 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/48819 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458 Broken Link
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html Mailing List
ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt Broken Link Vendor Advisory
http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt Product
http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html Mailing List
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Mailing List
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html Mailing List
http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Broken Link Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html Mailing List
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html Mailing List
http://lists.vmware.com/pipermail/security-announce/2009/000062.html Broken Link
http://secunia.com/advisories/33970 Broken Link Vendor Advisory
http://secunia.com/advisories/33976 Broken Link Vendor Advisory
http://secunia.com/advisories/34137 Broken Link
http://secunia.com/advisories/34140 Broken Link
http://secunia.com/advisories/34143 Broken Link
http://secunia.com/advisories/34145 Broken Link
http://secunia.com/advisories/34152 Broken Link
http://secunia.com/advisories/34210 Broken Link
http://secunia.com/advisories/34265 Broken Link
http://secunia.com/advisories/34272 Broken Link
http://secunia.com/advisories/34320 Broken Link
http://secunia.com/advisories/34324 Broken Link
http://secunia.com/advisories/34388 Broken Link
http://secunia.com/advisories/34462 Broken Link
http://secunia.com/advisories/34464 Broken Link
http://secunia.com/advisories/35074 Broken Link
http://secunia.com/advisories/35258 Broken Link
http://secunia.com/advisories/35302 Broken Link
http://secunia.com/advisories/35379 Broken Link
http://secunia.com/advisories/35386 Broken Link
http://secunia.com/advisories/36096 Broken Link
http://security.gentoo.org/glsa/glsa-200903-28.xml Third Party Advisory
http://security.gentoo.org/glsa/glsa-201209-25.xml Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 Mailing List
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952 Mailing List
http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com Broken Link
http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 Broken Link
http://support.apple.com/kb/HT3549 Third Party Advisory
http://support.apple.com/kb/HT3613 Third Party Advisory
http://support.apple.com/kb/HT3639 Third Party Advisory
http://support.apple.com/kb/HT3757 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm Broken Link
http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document Broken Link
http://wiki.rpath.com/Advisories:rPSA-2009-0046 Broken Link
http://www.debian.org/security/2009/dsa-1750 Mailing List
http://www.debian.org/security/2009/dsa-1830 Mailing List
http://www.kb.cert.org/vuls/id/649212 Broken Link Third Party Advisory US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2009:051 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:075 Broken Link
http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0315.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0325.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0333.html Broken Link
http://www.redhat.com/support/errata/RHSA-2009-0340.html Broken Link
http://www.securityfocus.com/archive/1/501767/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/503912/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/505990/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33827 Broken Link Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/33990 Broken Link Third Party Advisory VDB Entry
http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory US Government Resource
http://www.us-cert.gov/cas/techalerts/TA09-218A.html Third Party Advisory US Government Resource
http://www.vmware.com/security/advisories/VMSA-2009-0007.html Third Party Advisory
http://www.vupen.com/english/advisories/2009/0469 Broken Link
http://www.vupen.com/english/advisories/2009/0473 Broken Link
http://www.vupen.com/english/advisories/2009/0632 Broken Link
http://www.vupen.com/english/advisories/2009/1297 Broken Link
http://www.vupen.com/english/advisories/2009/1451 Broken Link
http://www.vupen.com/english/advisories/2009/1462 Broken Link
http://www.vupen.com/english/advisories/2009/1522 Broken Link
http://www.vupen.com/english/advisories/2009/1560 Broken Link
http://www.vupen.com/english/advisories/2009/1621 Broken Link
http://www.vupen.com/english/advisories/2009/2172 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/48819 Third Party Advisory VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458 Broken Link
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html Mailing List

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2009-0040 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2009-0040 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
    Added Reference http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt
    Added Reference http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html
    Added Reference http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html
    Added Reference http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
    Added Reference http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html
    Added Reference http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html
    Added Reference http://lists.vmware.com/pipermail/security-announce/2009/000062.html
    Added Reference http://secunia.com/advisories/33970
    Added Reference http://secunia.com/advisories/33976
    Added Reference http://secunia.com/advisories/34137
    Added Reference http://secunia.com/advisories/34140
    Added Reference http://secunia.com/advisories/34143
    Added Reference http://secunia.com/advisories/34145
    Added Reference http://secunia.com/advisories/34152
    Added Reference http://secunia.com/advisories/34210
    Added Reference http://secunia.com/advisories/34265
    Added Reference http://secunia.com/advisories/34272
    Added Reference http://secunia.com/advisories/34320
    Added Reference http://secunia.com/advisories/34324
    Added Reference http://secunia.com/advisories/34388
    Added Reference http://secunia.com/advisories/34462
    Added Reference http://secunia.com/advisories/34464
    Added Reference http://secunia.com/advisories/35074
    Added Reference http://secunia.com/advisories/35258
    Added Reference http://secunia.com/advisories/35302
    Added Reference http://secunia.com/advisories/35379
    Added Reference http://secunia.com/advisories/35386
    Added Reference http://secunia.com/advisories/36096
    Added Reference http://security.gentoo.org/glsa/glsa-200903-28.xml
    Added Reference http://security.gentoo.org/glsa/glsa-201209-25.xml
    Added Reference http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420
    Added Reference http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952
    Added Reference http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com
    Added Reference http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441
    Added Reference http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1
    Added Reference http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1
    Added Reference http://support.apple.com/kb/HT3549
    Added Reference http://support.apple.com/kb/HT3613
    Added Reference http://support.apple.com/kb/HT3639
    Added Reference http://support.apple.com/kb/HT3757
    Added Reference http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm
    Added Reference http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm
    Added Reference http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document
    Added Reference http://wiki.rpath.com/Advisories:rPSA-2009-0046
    Added Reference http://www.debian.org/security/2009/dsa-1750
    Added Reference http://www.debian.org/security/2009/dsa-1830
    Added Reference http://www.kb.cert.org/vuls/id/649212
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2009:051
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2009:075
    Added Reference http://www.mandriva.com/security/advisories?name=MDVSA-2009:083
    Added Reference http://www.redhat.com/support/errata/RHSA-2009-0315.html
    Added Reference http://www.redhat.com/support/errata/RHSA-2009-0325.html
    Added Reference http://www.redhat.com/support/errata/RHSA-2009-0333.html
    Added Reference http://www.redhat.com/support/errata/RHSA-2009-0340.html
    Added Reference http://www.securityfocus.com/archive/1/501767/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/503912/100/0/threaded
    Added Reference http://www.securityfocus.com/archive/1/505990/100/0/threaded
    Added Reference http://www.securityfocus.com/bid/33827
    Added Reference http://www.securityfocus.com/bid/33990
    Added Reference http://www.us-cert.gov/cas/techalerts/TA09-133A.html
    Added Reference http://www.us-cert.gov/cas/techalerts/TA09-218A.html
    Added Reference http://www.vmware.com/security/advisories/VMSA-2009-0007.html
    Added Reference http://www.vupen.com/english/advisories/2009/0469
    Added Reference http://www.vupen.com/english/advisories/2009/0473
    Added Reference http://www.vupen.com/english/advisories/2009/0632
    Added Reference http://www.vupen.com/english/advisories/2009/1297
    Added Reference http://www.vupen.com/english/advisories/2009/1451
    Added Reference http://www.vupen.com/english/advisories/2009/1462
    Added Reference http://www.vupen.com/english/advisories/2009/1522
    Added Reference http://www.vupen.com/english/advisories/2009/1560
    Added Reference http://www.vupen.com/english/advisories/2009/1621
    Added Reference http://www.vupen.com/english/advisories/2009/2172
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/48819
    Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316
    Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458
    Added Reference https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html
    Added Reference https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html
    Added Reference https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html
    Added Reference https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Modified Analysis by [email protected]

    Feb. 09, 2024

    Action Type Old Value New Value
    Changed Reference Type ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt Vendor Advisory ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt Broken Link, Vendor Advisory
    Changed Reference Type http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt No Types Assigned http://downloads.sourceforge.net/libpng/libpng-1.2.34-ADVISORY.txt Product
    Changed Reference Type http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html No Types Assigned http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html Mailing List
    Changed Reference Type http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html No Types Assigned http://lists.apple.com/archives/security-announce/2009/jun/msg00002.html Broken Link, Mailing List
    Changed Reference Type http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html No Types Assigned http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html Mailing List
    Changed Reference Type http://lists.apple.com/archives/security-announce/2009/May/msg00002.html No Types Assigned http://lists.apple.com/archives/security-announce/2009/May/msg00002.html Mailing List
    Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html Mailing List
    Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00002.html Mailing List
    Changed Reference Type http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html No Types Assigned http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00009.html Mailing List
    Changed Reference Type http://lists.vmware.com/pipermail/security-announce/2009/000062.html No Types Assigned http://lists.vmware.com/pipermail/security-announce/2009/000062.html Broken Link
    Changed Reference Type http://secunia.com/advisories/33970 Vendor Advisory http://secunia.com/advisories/33970 Broken Link, Vendor Advisory
    Changed Reference Type http://secunia.com/advisories/33976 Vendor Advisory http://secunia.com/advisories/33976 Broken Link, Vendor Advisory
    Changed Reference Type http://secunia.com/advisories/34137 No Types Assigned http://secunia.com/advisories/34137 Broken Link
    Changed Reference Type http://secunia.com/advisories/34140 No Types Assigned http://secunia.com/advisories/34140 Broken Link
    Changed Reference Type http://secunia.com/advisories/34143 No Types Assigned http://secunia.com/advisories/34143 Broken Link
    Changed Reference Type http://secunia.com/advisories/34145 No Types Assigned http://secunia.com/advisories/34145 Broken Link
    Changed Reference Type http://secunia.com/advisories/34152 No Types Assigned http://secunia.com/advisories/34152 Broken Link
    Changed Reference Type http://secunia.com/advisories/34210 No Types Assigned http://secunia.com/advisories/34210 Broken Link
    Changed Reference Type http://secunia.com/advisories/34265 No Types Assigned http://secunia.com/advisories/34265 Broken Link
    Changed Reference Type http://secunia.com/advisories/34272 No Types Assigned http://secunia.com/advisories/34272 Broken Link
    Changed Reference Type http://secunia.com/advisories/34320 No Types Assigned http://secunia.com/advisories/34320 Broken Link
    Changed Reference Type http://secunia.com/advisories/34324 No Types Assigned http://secunia.com/advisories/34324 Broken Link
    Changed Reference Type http://secunia.com/advisories/34388 No Types Assigned http://secunia.com/advisories/34388 Broken Link
    Changed Reference Type http://secunia.com/advisories/34462 No Types Assigned http://secunia.com/advisories/34462 Broken Link
    Changed Reference Type http://secunia.com/advisories/34464 No Types Assigned http://secunia.com/advisories/34464 Broken Link
    Changed Reference Type http://secunia.com/advisories/35074 No Types Assigned http://secunia.com/advisories/35074 Broken Link
    Changed Reference Type http://secunia.com/advisories/35258 No Types Assigned http://secunia.com/advisories/35258 Broken Link
    Changed Reference Type http://secunia.com/advisories/35302 No Types Assigned http://secunia.com/advisories/35302 Broken Link
    Changed Reference Type http://secunia.com/advisories/35379 No Types Assigned http://secunia.com/advisories/35379 Broken Link
    Changed Reference Type http://secunia.com/advisories/35386 No Types Assigned http://secunia.com/advisories/35386 Broken Link
    Changed Reference Type http://secunia.com/advisories/36096 No Types Assigned http://secunia.com/advisories/36096 Broken Link
    Changed Reference Type http://security.gentoo.org/glsa/glsa-200903-28.xml No Types Assigned http://security.gentoo.org/glsa/glsa-200903-28.xml Third Party Advisory
    Changed Reference Type http://security.gentoo.org/glsa/glsa-201209-25.xml No Types Assigned http://security.gentoo.org/glsa/glsa-201209-25.xml Third Party Advisory
    Changed Reference Type http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 No Types Assigned http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.405420 Mailing List
    Changed Reference Type http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952 No Types Assigned http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.433952 Mailing List
    Changed Reference Type http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com No Types Assigned http://sourceforge.net/mailarchive/message.php?msg_name=e56ccc8f0902181726i200f4bf0n20d919473ec409b7%40mail.gmail.com Broken Link
    Changed Reference Type http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441 No Types Assigned http://sourceforge.net/project/shownotes.php?group_id=1689&release_id=662441 Broken Link
    Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1 Broken Link
    Changed Reference Type http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 No Types Assigned http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1 Broken Link
    Changed Reference Type http://support.apple.com/kb/HT3549 No Types Assigned http://support.apple.com/kb/HT3549 Third Party Advisory
    Changed Reference Type http://support.apple.com/kb/HT3613 No Types Assigned http://support.apple.com/kb/HT3613 Third Party Advisory
    Changed Reference Type http://support.apple.com/kb/HT3639 No Types Assigned http://support.apple.com/kb/HT3639 Third Party Advisory
    Changed Reference Type http://support.apple.com/kb/HT3757 No Types Assigned http://support.apple.com/kb/HT3757 Third Party Advisory
    Changed Reference Type http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm No Types Assigned http://support.avaya.com/elmodocs2/security/ASA-2009-069.htm Broken Link
    Changed Reference Type http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm No Types Assigned http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm Broken Link
    Changed Reference Type http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document No Types Assigned http://support.avaya.com/japple/css/japple?temp.documentID=366362&temp.productID=154235&temp.releaseID=361845&temp.bucketID=126655&PAGE=Document Broken Link
    Changed Reference Type http://wiki.rpath.com/Advisories:rPSA-2009-0046 No Types Assigned http://wiki.rpath.com/Advisories:rPSA-2009-0046 Broken Link
    Changed Reference Type http://www.debian.org/security/2009/dsa-1750 No Types Assigned http://www.debian.org/security/2009/dsa-1750 Mailing List
    Changed Reference Type http://www.debian.org/security/2009/dsa-1830 No Types Assigned http://www.debian.org/security/2009/dsa-1830 Mailing List
    Changed Reference Type http://www.kb.cert.org/vuls/id/649212 US Government Resource http://www.kb.cert.org/vuls/id/649212 Broken Link, Third Party Advisory, US Government Resource
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2009:051 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2009:051 Broken Link
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2009:075 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2009:075 Broken Link
    Changed Reference Type http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 No Types Assigned http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 Broken Link
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2009-0315.html No Types Assigned http://www.redhat.com/support/errata/RHSA-2009-0315.html Broken Link
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2009-0325.html No Types Assigned http://www.redhat.com/support/errata/RHSA-2009-0325.html Broken Link
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2009-0333.html No Types Assigned http://www.redhat.com/support/errata/RHSA-2009-0333.html Broken Link
    Changed Reference Type http://www.redhat.com/support/errata/RHSA-2009-0340.html No Types Assigned http://www.redhat.com/support/errata/RHSA-2009-0340.html Broken Link
    Changed Reference Type http://www.securityfocus.com/archive/1/501767/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/501767/100/0/threaded Broken Link, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/503912/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/503912/100/0/threaded Broken Link, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/archive/1/505990/100/0/threaded No Types Assigned http://www.securityfocus.com/archive/1/505990/100/0/threaded Broken Link, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/33827 No Types Assigned http://www.securityfocus.com/bid/33827 Broken Link, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.securityfocus.com/bid/33990 No Types Assigned http://www.securityfocus.com/bid/33990 Broken Link, Third Party Advisory, VDB Entry
    Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA09-133A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA09-133A.html Third Party Advisory, US Government Resource
    Changed Reference Type http://www.us-cert.gov/cas/techalerts/TA09-218A.html US Government Resource http://www.us-cert.gov/cas/techalerts/TA09-218A.html Third Party Advisory, US Government Resource
    Changed Reference Type http://www.vmware.com/security/advisories/VMSA-2009-0007.html No Types Assigned http://www.vmware.com/security/advisories/VMSA-2009-0007.html Third Party Advisory
    Changed Reference Type http://www.vupen.com/english/advisories/2009/0469 No Types Assigned http://www.vupen.com/english/advisories/2009/0469 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/0473 No Types Assigned http://www.vupen.com/english/advisories/2009/0473 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/0632 No Types Assigned http://www.vupen.com/english/advisories/2009/0632 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1297 No Types Assigned http://www.vupen.com/english/advisories/2009/1297 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1451 No Types Assigned http://www.vupen.com/english/advisories/2009/1451 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1462 No Types Assigned http://www.vupen.com/english/advisories/2009/1462 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1522 No Types Assigned http://www.vupen.com/english/advisories/2009/1522 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1560 No Types Assigned http://www.vupen.com/english/advisories/2009/1560 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/1621 No Types Assigned http://www.vupen.com/english/advisories/2009/1621 Broken Link
    Changed Reference Type http://www.vupen.com/english/advisories/2009/2172 No Types Assigned http://www.vupen.com/english/advisories/2009/2172 Broken Link
    Changed Reference Type https://exchange.xforce.ibmcloud.com/vulnerabilities/48819 No Types Assigned https://exchange.xforce.ibmcloud.com/vulnerabilities/48819 Third Party Advisory, VDB Entry
    Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316 Broken Link
    Changed Reference Type https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458 No Types Assigned https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458 Broken Link
    Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00272.html Mailing List
    Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00412.html Mailing List
    Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00769.html Mailing List
    Changed Reference Type https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html No Types Assigned https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00771.html Mailing List
    Removed CWE NIST CWE-94
    Added CWE NIST CWE-824
    Changed CPE Configuration OR *cpe:2.3:a:libpng:libpng:0.89c:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:0.95:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.0:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.1:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.2:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.3:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.5:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:a:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:d:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:e:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:f:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:g:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:h:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:i:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.6:j:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta11:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta12:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta13:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta14:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta15:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta16:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta17:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:beta18:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.7:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.8:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta10:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta7:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta8:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:beta9:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.9:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.10:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.10:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.10:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.11:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.11:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.11:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.11:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.11:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.12:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.12:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.12:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.13:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.14:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.15:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.15:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.15:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.15:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.16:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.17:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.17:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.18:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.19:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.19:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.19:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.19:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.19:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.20:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.21:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.21:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.21:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.22:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.22:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.23:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.24:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.24:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.25:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.25:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.25:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.26:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.27:rc6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.28:rc6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.29:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.29:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.29:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.29:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.29:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.30:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.31:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.32:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.33:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.34:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.35:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.37:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.38:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.39:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.40:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.0.41:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* versions up to (including) 1.0.42 *cpe:2.3:a:libpng:libpng:1.2.0:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.0:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.1:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.2:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.3:rc6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.4:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.4:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.4:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.4:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.4:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.5:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.6:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.7:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.7:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.7:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.8:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta10:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta7:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta8:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:beta9:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.9:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:beta7:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.10:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.11:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.13:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.13:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.13:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.13:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.14:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.14:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.14:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.14:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.15:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.16:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.16:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.16:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.16:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.17:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.18:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta10:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta11:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta12:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta13:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta14:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta15:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta16:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta17:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta18:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta19:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta20:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta21:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta22:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta23:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta24:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta25:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta26:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta27:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta28:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta29:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta30:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta31:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta32:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta33:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta7:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta8:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:beta9:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.19:rc6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc5:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.20:rc6:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:rc2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.21:rc3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:beta1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:beta2:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:beta3:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:beta4:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.22:rc1:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.23:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.24:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:beta03:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:beta04:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:beta05:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:beta06:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:rc01:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.25:rc02:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta01:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta02:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta03:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta04:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta05:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:beta06:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.26:rc01:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.27:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.28:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.29:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.30:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.31:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.32:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.33:*:*:*:*:*:*:* *cpe:2.3:a:libpng:libpng:1.2.34:*:*:*:*:*:*:* OR *cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* versions up to (excluding) 1.0.43 *cpe:2.3:a:libpng:libpng:*:*:*:*:*:*:*:* versions from (including) 1.2.0 up to (excluding) 1.2.35
    Added CPE Configuration OR *cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* versions up to (excluding) 3.0 *cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* versions up to (excluding) 10.5.8
    Added CPE Configuration OR *cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise:9.0:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise:10.0:-:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
    Added CPE Configuration OR *cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:* *cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Oct. 11, 2018

    Action Type Old Value New Value
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/505990/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/501767/100/0/threaded [No Types Assigned]
    Removed Reference http://www.securityfocus.com/archive/1/archive/1/503912/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/505990/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/503912/100/0/threaded [No Types Assigned]
    Added Reference http://www.securityfocus.com/archive/1/501767/100/0/threaded [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 29, 2017

    Action Type Old Value New Value
    Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6458 [No Types Assigned]
    Removed Reference http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10316 [No Types Assigned]
    Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6458 [No Types Assigned]
    Added Reference https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10316 [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 08, 2017

    Action Type Old Value New Value
    Removed Reference http://xforce.iss.net/xforce/xfdb/48819 [No Types Assigned]
    Added Reference https://exchange.xforce.ibmcloud.com/vulnerabilities/48819 [No Types Assigned]
  • Initial Analysis by [email protected]

    Feb. 23, 2009

    Action Type Old Value New Value
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2009-0040 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2009-0040 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

9.10 }} 1.59%

score

0.94634

percentile

CVSS2 - Vulnerability Scoring System
Access Vector
Access Complexity
Authentication
Confidentiality
Integrity
Availability