Skip to main content

Blue Coat ProxyAV libpng Buffer Overflow Vulnerability

Last Update Date: 6 Dec 2011 11:43 Release Date: 6 Dec 2011 5543 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have identified in Blue Coat ProxyAV, which can be exploited by malicious people to compromise a vulnerable device.

  1. An error within progressive applications when handling image row data can be exploited to potentially cause a buffer overflow by e.g. providing one additional image row beyond the height reported in the header.Successful exploitation may allow the execution of arbitrary code.
  2. A memory leak exists within the handling of certain sCAL chunks. This can be exploited to e.g. cause a crash via specially crafted PNG images.

Impact

  • Remote Code Execution

System / Technologies affected

  • Blue Coat ProxyAV 3.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 3.4.1.1.

Vulnerability Identifier


Source


Related Link