Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Mac OS X Local Security Checks
Title:Security Update 2004-08-09

The remote host is missing Security Update 2004-08-09.

Libpng is a library used for manipulating graphics files.

Several buffer overflows have been discovered in libpng. An attacker
could create a carefully crafted PNG file in such a way that it would
cause an application linked with libpng to execute arbitrary code when
the file was opened by a victim.

Solution :
Risk factor : Critical

CVSS Score:

Cross-Ref: BugTraq ID: 10857
Common Vulnerability Exposure (CVE) ID: CVE-2004-0597
BugTraq ID: 15495
Bugtraq: 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) (Google Search)
Bugtraq: 20050209 MSN Messenger PNG Image Buffer Overflow Download Shellcoded Exploit (Google Search)
Cert/CC Advisory: TA04-217A
Cert/CC Advisory: TA05-039A
CERT/CC vulnerability note: VU#388984
CERT/CC vulnerability note: VU#817368
Conectiva Linux advisory: CLA-2004:856
Debian Security Information: DSA-536 (Google Search)
HPdes Security Advisory: SSRT4778
Microsoft Security Bulletin: MS05-009
SCO Security Bulletin: SCOSA-2004.16
SCO Security Bulletin: SCOSA-2005.49
SuSE Security Announcement: SUSE-SA:2004:023 (Google Search)
XForce ISS Database: libpng-pnghandle-bo(16894)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0598
CERT/CC vulnerability note: VU#236656
XForce ISS Database: libpng-pnghandleiccp-dos(16895)
Common Vulnerability Exposure (CVE) ID: CVE-2004-0599
CERT/CC vulnerability note: VU#160448
CERT/CC vulnerability note: VU#286464
CERT/CC vulnerability note: VU#477512
Debian Security Information: DSA-570 (Google Search)
Debian Security Information: DSA-571 (Google Search)
XForce ISS Database: lilbpng-integer-bo(16896)
CopyrightThis script is Copyright (C) 2004 Tenable Network Security

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.