VMware Security Advisory – Several flaws were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application. The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/80533/VMSA-2009-0010.txt
Source: https://packetstormsecurity.com/files/80533/VMware-Security-Advisory-2009-0010.html