漏洞类别:Solaris
漏洞等级: 
漏洞信息
Solaris has released a patch to fix a denial of service vulnerability in libpng. The vulnerability allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, removing the text, and then adding another text chunk to the structure (CVE-2016-10087).
Affected Platforms:
Solaris 10 for SPARC and x86 platforms is affected
QID Detection Logic (Authenticated):
This QID checks for the update package SPARC: 137080-10 X86: 137081-10
漏洞危害
This vulnerability could be exploited to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.
解决方案
Refer to Oracle Solaris Third Party Bulletin - July 2017 to address this issue and obtain patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论