CVE-2004-0597

Published: Nov 23, 2004Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Affected (7)

Products: Greg Roelofs: Libpng · Microsoft: Msn Messenger, Windows Media Player, Windows Messenger, Windows 98se, Windows Me

1 product

5 products

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Greg Roelofs Libpng	Up to 1.2.5
Microsoft Msn Messenger	Version 6.1
Microsoft Msn Messenger	Version 6.2
Microsoft Windows Media Player	Version 9
Microsoft Windows Messenger	Version 5.0

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Windows 98se	All versions
Microsoft Windows Me	All versions

References (84)

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt (unsafe URL)

Source: cve@mitre.org

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856

Source: cve@mitre.org

http://lists.apple.com/mhonarc/security-announce/msg00056.html

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109163866717909&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109181639602978&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109761239318458&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=109900315219363&w=2

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=110796779903455&w=2

Source: cve@mitre.org

http://scary.beasts.org/security/CESA-2004-001.txt

Source: cve@mitre.org

ExploitVendor Advisory

http://secunia.com/advisories/22957

Source: cve@mitre.org

http://secunia.com/advisories/22958

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1

Source: cve@mitre.org

http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1

Source: cve@mitre.org

http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679

Source: cve@mitre.org

Patch

http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10

Source: cve@mitre.org

http://www.debian.org/security/2004/dsa-536

Source: cve@mitre.org

PatchVendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/388984

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/817368

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.mandriva.com/security/advisories?name=MDKSA-2004:079

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:212

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDKSA-2006:213

Source: cve@mitre.org

http://www.mozilla.org/projects/security/known-vulnerabilities.html

Source: cve@mitre.org

http://www.novell.com/linux/security/advisories/2004_23_libpng.html

Source: cve@mitre.org

PatchVendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-402.html

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2004-421.html

Source: cve@mitre.org

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2004-429.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/10857

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/bid/15495

Source: cve@mitre.org

http://www.trustix.net/errata/2004/0040/

Source: cve@mitre.org

PatchVendor Advisory

http://www.us-cert.gov/cas/techalerts/TA04-217A.html

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://www.us-cert.gov/cas/techalerts/TA05-039A.html

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

https://bugzilla.fedora.us/show_bug.cgi?id=1943

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/16894

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709

Source: cve@mitre.org

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt (unsafe URL)