Product: Solaris 8, Solaris 9, Solaris 10, OpenSolaris
Multiple security vulnerabilities in libpng(3), which is shipped with
Solaris, may allow a local or remote unprivileged user to cause a
denial of service (DoS) of applications linked to libpng(3), or
potentially to execute arbitrary code with the privileges of the user
running the application, when a user has loaded a specially crafted
Portable Network Graphics (PNG) format image file (.png) supplied by
an untrusted user.

These issues are also referenced in the following documents:


CVE-2007-5267 http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-5267
CVE-2008-3964 http://cve.mitre.org/cgi-bin/cvename...=CVE-2008-3964
CVE-2007-5266 http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-5266
CVE-2007-5268 http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-5268
CVE-2007-5269 http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-5269
CVE-2008-1382 http://cve.mitre.org/cgi-bin/cvename...=CVE-2008-1382
CVE-2009-0040 http://cve.mitre.org/cgi-bin/cvename...=CVE-2009-0040
CERT VU#649212 http://www.kb.cert.org/vuls/id/649212



State: Workaround
First released: 28-May-2009
Sun Alert Link: http://sunsolve.sun.com/search/docum...=1-66-259989-1


Read More about [Sun Alert 259989 Security Vulnerability in Solaris libpng(3) May Allow Denial of Service (DoS) or Privilege Escalation...