Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
No history.
Information
Published : 2004-11-23 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2004-0597
Mitre link : CVE-2004-0597
CVE.ORG link : CVE-2004-0597
JSON object : View
Products Affected
microsoft
- windows_98se
- windows_me
- windows_messenger
- windows_media_player
- msn_messenger
greg_roelofs
- libpng
CWE