Security Advisories

December 2, 2011 - ProxyAV buffer overflow in libpng (CVE-2010-1205)

Security Advisories ID:    SA65
Version:    2.0
Status:    Published
Published date:    11/29/2011
Updated:    12/10/2012
 

Advisory Status

Final

Advisory Severity

High, CVSS v2 base score: 7.8 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Summary

ProxyAV uses a version of libpng that is vulnerable to a buffer overflow attack.  This vulnerability could allow a remote attacker to read and modify ProxyAV data.

Affected Products

All versions of ProxyAV prior to 3.4.1.1 are vulnerable.

Details

ProxyAV uses libpng version 1.2.8 to generate statistical graphs in PNG format.  This version of libpng is vulnerable to a buffer overflow attack.  It is possible that a remote attacker could execute arbitrary code on ProxyAV through this library that would run with escalated privileges.

ProxyAV 3.4.1.1 contains an upgrade to libpng version 1.2.46 fixing this CVE.

Workarounds

Deploying ProxyAV behind a firewall and adding constraints on what IP addresses can be used to connect to ProxyAV will greatly limit the ability to attack a ProxyAV installation.

Patches

ProxyAV 3.4 - a fix is available in 3.4.1.1.  The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/4.

ProxyAV 3.3 - a fix is available in 3.3.2.1.  The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/4.

ProxyAV 3.2 and earlier - please upgrade to a later version.
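
Fleet triage against this patch table, as an added example (not Blue Coat's own tooling): each branch has its own fixed build, so a host on 3.3.2.1 is patched even though it sorts below 3.4.1.1, which a single global "older than 3.4.1.1" test would flag wrongly. Four-part version strings and the tab-separated inventory below are assumptions of the example.

```python
# Branch-aware SA65 status check for ProxyAV version strings (added example,
# not Blue Coat tooling). Assumes "major.minor.patch.build" version strings;
# the inventory lines below are constructed sample data.

# Fixed release per affected branch, from the Patches section of SA65.
FIXED_BY_BRANCH = {
    (3, 4): (3, 4, 1, 1),
    (3, 3): (3, 3, 2, 1),
}

def parse_version(text):
    """Turn '3.3.1.5' into (3, 3, 1, 5); pad shorter strings with zeros."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if not 1 <= len(parts) <= 4:
        raise ValueError(f"unexpected version string: {text!r}")
    return parts + (0,) * (4 - len(parts))

def sa65_status(version):
    """Return 'fixed', 'vulnerable' or 'upgrade-required' for one host."""
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED_BY_BRANCH:
        # Compare within the branch: 3.3.2.1 is fixed even though it sorts
        # below 3.4.1.1, so a single global "< 3.4.1.1" test would misfire.
        return "fixed" if v >= FIXED_BY_BRANCH[branch] else "vulnerable"
    if branch < (3, 3):
        return "upgrade-required"  # 3.2 and earlier: no patched build exists
    return "fixed"  # a branch newer than 3.4 already carries the fix

# Constructed inventory: "hostname<TAB>version", one host per line.
INVENTORY = """\
av-dmz-01\t3.4.1.0
av-dmz-02\t3.4.1.1
av-branch-01\t3.3.2.1
av-branch-02\t3.3.1.5
av-legacy-01\t3.2.4.2
"""

def triage(inventory):
    """Map each hostname in the inventory to its SA65 status."""
    result = {}
    for line in inventory.splitlines():
        if line.strip():
            host, version = line.split("\t")
            result[host] = sa65_status(version)
    return result

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host:14} {status}")
```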

Advisory History

2012-12-10 Notification of fix for 3.3

2011-12-02 Initial public release

