OSVDB ID: 87079

Title: Google WebP Image File Handling Integer Overflow Out-of-bounds Read Information Disclosure

Info

Disclosure

Nov 06, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Nov 06, 2012

Description

Google WebP contains an integer overflow flaw in the 'ParseOptionalChunks' function in libwebp/dec/webp.c that is triggered when handling chunk sizes. With a specially crafted web page containing a WebP image, a context-dependent attacker can crash the browser or disclose memory contents. This flaw has been demonstrated as used in the Google Chrome web browser.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade, Third-Party Solution
Exploit: Exploit Public
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Web Related

Solution

It has been reported that this issue has been fixed. Upgrade to version 0.2.1, or higher, to address this vulnerability. Upgrade to Google Chrome version 23.0.1271.64 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Google, Inc.

Chrome

22.0.1229.94

WebP (libwebp)

0.2.0

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/87079