CVE-2004-0597 Information

Description

Multiple buffer overflows in libpng 1.2.5 and earlier as used in multiple products allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Reference

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=109761239318458&w=2 http://marc.info/?l=bugtraq&m=109900315219363&w=2 http://marc.info/?l=bugtraq&m=110796779903455&w=2 http://scary.beasts.org/security/CESA-2004-001.txt http://secunia.com/advisories/22957 http://secunia.com/advisories/22958 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1 http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1 http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679 http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10 http://www.debian.org/security/2004/dsa-536 http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml http://www.kb.cert.org/vuls/id/388984 http://www.kb.cert.org/vuls/id/817368 http://www.mandriva.com/security/advisories?name=MDKSA-2004:079 http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 http://www.mozilla.org/projects/security/known-vulnerabilities.html http://www.novell.com/linux/security/advisories/2004_23_libpng.html http://www.redhat.com/support/errata/RHSA-2004-402.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.redhat.com/support/errata/RHSA-2004-429.html http://www.securityfocus.com/bid/10857 http://www.securityfocus.com/bid/15495 http://www.trustix.net/errata/2004/0040/ http://www.us-cert.gov/cas/techalerts/TA04-217A.html http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://bugzilla.fedora.us/show_bug.cgi?id=1943 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/16894 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11284 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2274 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2378 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A4492 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A594 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7709