CVE-2004-0597

Severity

99%

Complexity

99%

Confidentiality

165%

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft

First reported 20 years ago

2004-11-23 05:00:00

Last updated 6 years ago

2018-10-12 21:34:00

Affected Software

Microsoft msn_messenger_service 6.1

6.1

Microsoft msn_messenger_service 6.2

6.2

Microsoft Windows Media Player 9

9

Microsoft windows_messenger 5.0

5.0

Microsoft windows 98_se

References

SCOSA-2005.49

CLA-2004:856

APPLE-SA-2004-09-09

20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png)

SSRT4778

SCOSA-2004.16

FLSA:2089

20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit

http://scary.beasts.org/security/CESA-2004-001.txt

Exploit, Vendor Advisory

22957

22958

200663

http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1

http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679

Patch

http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10

DSA-536

Patch, Vendor Advisory

GLSA-200408-03

Patch, Vendor Advisory

GLSA-200408-22

Patch, Vendor Advisory

VU#388984

Third Party Advisory, US Government Resource

VU#817368

Third Party Advisory, US Government Resource

MDKSA-2004:079

MDKSA-2006:212

MDKSA-2006:213

http://www.mozilla.org/projects/security/known-vulnerabilities.html

SUSE-SA:2004:023

Patch, Vendor Advisory

RHSA-2004:402

RHSA-2004:421

Vendor Advisory

RHSA-2004:429

Vendor Advisory

10857

Exploit, Patch, Vendor Advisory

15495

2004-0040

Patch, Vendor Advisory

TA04-217A

Third Party Advisory, US Government Resource

TA05-039A

Third Party Advisory, US Government Resource

FLSA:1943

MS05-009

libpng-pnghandle-bo(16894)

oval:org.mitre.oval:def:11284

oval:org.mitre.oval:def:2274

oval:org.mitre.oval:def:2378

oval:org.mitre.oval:def:4492

oval:org.mitre.oval:def:594

oval:org.mitre.oval:def:7709

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.