Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2004-0597
Description:Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Test IDs:  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-0597
BugTraq ID: 10857
BugTraq ID: 15495
Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search)
Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search)
Cert/CC Advisory: TA04-217A
Cert/CC Advisory: TA05-039A
CERT/CC vulnerability note: VU#388984
CERT/CC vulnerability note: VU#817368
Conectiva Linux advisory: CLA-2004:856
Debian Security Information: DSA-536 (Google Search)
HPdes Security Advisory: SSRT4778
Microsoft Security Bulletin: MS05-009
RedHat Security Advisories: RHSA-2004:402
RedHat Security Advisories: RHSA-2004:421
RedHat Security Advisories: RHSA-2004:429
SCO Security Bulletin: SCOSA-2004.16
SCO Security Bulletin: SCOSA-2005.49
SuSE Security Announcement: SUSE-SA:2004:023 (Google Search)
XForce ISS Database: libpng-pnghandle-bo(16894)

© 1998-2021 E-Soft Inc. All rights reserved.