CVE-2004-0597

Properties

Published:
22.11.2004
Updated:
21.08.2010
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Product:
microsoft: windows_me
microsoft: msn_messenger

Vulnerability description

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

References:

CERT: http://www.us-cert.gov/cas/techalerts/TA05-039A.html
CERT: http://www.us-cert.gov/cas/techalerts/TA04-217A.html
CERT-VN: http://www.kb.cert.org/vuls/id/817368
CERT-VN: http://www.kb.cert.org/vuls/id/388984
FEDORA: https://bugzilla.fedora.us/show_bug.cgi?id=1943
XF: http://xforce.iss.net/xforce/xfdb/16894
TRUSTIX: http://www.trustix.net/errata/2004/0040/
BID: http://www.securityfocus.com/bid/10857
SUSE: http://www.novell.com/linux/security/advisories/2004_23_libpng.html
MS: http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml
DEBIAN: http://www.debian.org/security/2004/dsa-536
CONFIRM: http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679
BID: http://www.securityfocus.com/bid/15495
REDHAT: http://www.redhat.com/support/errata/RHSA-2004-429.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2004-421.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2004-402.html
CONFIRM: http://www.mozilla.org/projects/security/known-vulnerabilities.html
MISC: http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10
MISC: http://scary.beasts.org/security/CESA-2004-001.txt
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7709
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11284
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=110796779903455&w=2
FEDORA: http://marc.theaimsgroup.com/?l=bugtraq&m=109900315219363&w=2
SCO: http://marc.theaimsgroup.com/?l=bugtraq&m=109761239318458&w=2
HP: http://marc.theaimsgroup.com/?l=bugtraq&m=109181639602978&w=2
BUGTRAQ: http://marc.theaimsgroup.com/?l=bugtraq&m=109163866717909&w=2
CONECTIVA: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856
SCO: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
MANDRAKE: http://www.mandriva.com/security/advisories?name=MDKSA-2004:079
CONFIRM: http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1
SUNALERT: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1
SECUNIA: http://secunia.com/advisories/22958
SECUNIA: http://secunia.com/advisories/22957
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:594
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4492
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2378
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2274