Russian Vulnerability Scanner Database

Back to List

CVE-2010-1205

Scores

EPSS

0.152very_low15.2%
0%20%40%60%80%100%

Percentile: 15.2%

CVSS

9.8critical3.x
0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x
9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-120

Related Vulnerabilities

BDU:2015-09413BDU:2015-10121

Exploits

Exploit ID: 14422

Source: exploitdb

URL: https://www.exploit-db.com/exploits/14422

Exploit ID: 25094

Source: exploitdb

URL: https://www.exploit-db.com/exploits/25094

Exploit ID: 389

Source: exploitdb

URL: https://www.exploit-db.com/exploits/389

Exploit ID: 393

Source: exploitdb

URL: https://www.exploit-db.com/exploits/393

Exploit ID: CVE-2010-1205

Source: github-poc

URL: https://github.com/mk219533/CVE-2010-1205

Vulnerable Software (36)

Type: Configuration

Product: firefox

Operating System: rhel 4

Trait: 
{  "fixed": "3.6.7-2.el4"}

Source: redhat

Type: Configuration

Product: firefox

Operating System: rhel 5

Trait: 
{  "fixed": "3.6.7-2.el5"}

Source: redhat

Type: Configuration

Product: firefox

Operating System: ubuntu hardy 8.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: icedove

Operating System: debian

Trait: 
{  "fixed": "3.0.6-1"}

Source: debian

Type: Configuration

Product: icedove

Operating System: debian lenny 5

Trait: 
{  "unfixed": true}

Source: debian

Type: Configuration

Product: libpng

Operating System: debian

Trait: 
{  "fixed": "1.2.44-1"}

Source: debian

Type: Configuration

Product: libpng

Operating System: rhel 3

Trait: 
{  "fixed": "1.2.2-30"}

Source: redhat

Type: Configuration

Product: libpng

Operating System: rhel 4

Trait: 
{  "fixed": "1.2.7-3.el4_8.3"}

Source: redhat

Type: Configuration

Product: libpng

Operating System: rhel 5

Trait: 
{  "fixed": "1.2.10-7.1.el5_5.3"}

Source: redhat

Type: Configuration

Product: libpng

Operating System: ubuntu hardy 8.04

Trait: 
{  "fixed": "1.2.15~beta5-3ubuntu0.3"}

Source: ubuntu

Type: Configuration

Product: libpng10

Operating System: rhel 3

Trait: 
{  "fixed": "1.0.13-21"}

Source: redhat

Type: Configuration

Product: libpng10

Operating System: rhel 4

Trait: 
{  "fixed": "1.0.16-3.el4_8.4"}

Source: redhat

Type: Configuration

Product: seamonkey

Operating System: rhel 3

Trait: 
{  "fixed": "1.0.9-0.57.el3"}

Source: redhat

Type: Configuration

Product: seamonkey

Operating System: rhel 4

Trait: 
{  "fixed": "1.0.9-60.el4"}

Source: redhat

Type: Configuration

Product: thunderbird

Operating System: rhel 5

Trait: 
{  "fixed": "2.0.0.24-6.el5"}

Source: redhat

Type: Configuration

Product: thunderbird

Operating System: ubuntu hardy 8.04

Trait: 
{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: tuxonice-userui

Operating System: debian

Trait: 
{  "fixed": "1.0-1"}

Source: debian

Type: Configuration

Product: xulrunner

Operating System: rhel 5

Trait: 
{  "fixed": "1.9.2.7-2.el5"}

Source: redhat

Type: Configuration

Product: xulrunner-1.9.2

Operating System: ubuntu hardy 8.04

Trait: 
{  "fixed": "1.9.2.7+build2+nobinonly-0ubuntu0.8.04.2"}

Source: ubuntu

Type: Configuration

Vendor: *

Product: chrome

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",      "versionEndExcluding": "5.0.375.99",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd