CVE-2004-0597

HIGH

Description

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or (2) the png_handle_sBIT or (3) the png_handle_hIST function does not perform sufficient bounds checking.

References

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856

http://lists.apple.com/mhonarc/security-announce/msg00056.html

http://marc.info/?l=bugtraq&m=109163866717909&w=2

http://marc.info/?l=bugtraq&m=109181639602978&w=2

http://marc.info/?l=bugtraq&m=109761239318458&w=2

http://marc.info/?l=bugtraq&m=109900315219363&w=2

http://marc.info/?l=bugtraq&m=110796779903455&w=2

http://scary.beasts.org/security/CESA-2004-001.txt

http://secunia.com/advisories/22957

http://secunia.com/advisories/22958

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1

http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1

http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679

http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10

http://www.debian.org/security/2004/dsa-536

http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml

http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml

http://www.kb.cert.org/vuls/id/388984

http://www.kb.cert.org/vuls/id/817368

http://www.mandriva.com/security/advisories?name=MDKSA-2004:079

http://www.mandriva.com/security/advisories?name=MDKSA-2006:212

http://www.mandriva.com/security/advisories?name=MDKSA-2006:213

http://www.mozilla.org/projects/security/known-vulnerabilities.html

http://www.novell.com/linux/security/advisories/2004_23_libpng.html

http://www.redhat.com/support/errata/RHSA-2004-402.html

http://www.redhat.com/support/errata/RHSA-2004-421.html

http://www.redhat.com/support/errata/RHSA-2004-429.html

http://www.securityfocus.com/bid/10857

http://www.securityfocus.com/bid/15495

http://www.trustix.net/errata/2004/0040/

http://www.us-cert.gov/cas/techalerts/TA04-217A.html

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

https://bugzilla.fedora.us/show_bug.cgi?id=1943

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009

https://exchange.xforce.ibmcloud.com/vulnerabilities/16894

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709

Details

Source: MITRE

Published: 2004-11-23

Updated: 2018-10-12

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH