Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0598

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0598
Last Modified 21 Aug 2010 12:20:51
Published 23 Nov 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0598

Summary

The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.

Vulnerable Systems

Application

  • Greg Roelofs Libpng 1.2.5


References

CERT - TA04-217A

CERT-VN - VU#236656

FEDORA - FLSA:1943

XF - libpng-pnghandleiccp-dos(16895)

BID - 10857

SUSE - SUSE-SA:2004:023

GENTOO - GLSA-200408-22

GENTOO - GLSA-200408-03

DEBIAN - DSA-536

SCO - SCOSA-2004.16

HP - SSRT4778

TRUSTIX - 2004-0040

REDHAT - RHSA-2004:429

REDHAT - RHSA-2004:402

CONFIRM - http://www.mozilla.org/projects/security/known-vulnerabilities.html

MISC - http://scary.beasts.org/security/CESA-2004-001.txt

BUGTRAQ - 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png)

CONECTIVA - CLA-2004:856

MANDRIVA - MDKSA-2006:213

MANDRIVA - MDKSA-2006:212

MANDRAKE - MDKSA-2004:079

SUNALERT - 200663

SECUNIA - 22958

SECUNIA - 22957


Last Updated: 27 May 2016 10:38:40