Description: | Description: The remote host is missing an update to the system as announced in the referenced advisory.
The following packages are affected: png linux-png firefox thunderbird linux-mozilla linux-mozilla-devel mozilla mozilla-gtk1 netscape-communicator netscape-navigator linux-netscape-communicator linux-netscape-navigator ko-netscape-navigator-linux ko-netscape-communicator-linux ja-netscape-communicator-linux ja-netscape-navigator-linux netscape7 ja-netscape7 pt_BR-netscape7 fr-netscape7 de-netscape7
CVE-2004-0597 Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
CVE-2004-0598 The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
CVE-2004-0599 Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.
Solution: Update your system with the appropriate patches or software upgrades.
http://scary.beasts.org/security/CESA-2004-001.txt http://www.osvdb.org/8312 http://www.osvdb.org/8313 http://www.osvdb.org/8314 http://www.osvdb.org/8315 http://www.osvdb.org/8316 http://secunia.com/advisories/12219 http://secunia.com/advisories/12232 http://bugzilla.mozilla.org/show_bug.cgi?id=251381 http://dl.sourceforge.net/sourceforge/libpng/ADVISORY.txt http://www.securityfocus.com/archive/1/370853 http://www.vuxml.org/freebsd/f9e3e60b-e650-11d8-9b0a-000347a4fa7d.html
CVSS Score: 10.0
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
|