Rule: -- Sid: 3133 -- Summary: This event is generated when an attempt is made to exploit a buffer overflow associated with the processing of a Portable Network Graphics (PNG) file by the GD Graphics Library. -- Impact: A successful attack may cause a denial of service or a buffer overflow and the subsequent execution of arbitrary code on a vulnerable server. -- Detailed Information: A vulnerability exists in the way that software that handles PNG files, libpng, allocates memory for PNG images. A maliciously formatted PNG image sent to a vulnerable server may cause a buffer overflow and the subsequent execution of arbitrary code on a vulnerable server. A PNG file with an excessively large image height, width, or depth, or combination of these can cause a buffer overflow. -- Affected Systems: GD Graphics Library 2.0.28 and earlier -- Attack Scenarios: An attacker can create a malformed PNG file and upload it to a web server, possibly causing a buffer overflow. -- Ease of Attack: Simple. -- False Positives: None known. -- False Negatives: None known. -- Corrective Action: Upgrade to the latest non-affected version of the software. Apply the appropriate vendor supplied patches. -- Contributors: Sourcefire Research Team Judy Novak <judy.novak@sourcefire.com> -- Additional References: --
