Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0599

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0599
Last Modified 21 Aug 2010 12:20:51
Published 23 Nov 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0599

Summary

Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (application crash) via a malformed PNG image.

Vulnerable Systems

Application

  • Greg Roelofs Libpng 1.2.5


References

CERT - TA04-217A

CERT-VN - VU#477512

CERT-VN - VU#286464

CERT-VN - VU#160448

FEDORA - FLSA:1943

BID - 10857

SUSE - SUSE-SA:2004:023

GENTOO - GLSA-200408-22

GENTOO - GLSA-200408-03

DEBIAN - DSA-571

DEBIAN - DSA-570

DEBIAN - DSA-536

FEDORA - FLSA:2089

SCO - SCOSA-2004.16

HP - SSRT4778

BUGTRAQ - 20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png)

XF - lilbpng-integer-bo(16896)

TRUSTIX - 2004-0040

BID - 15495

REDHAT - RHSA-2004:429

REDHAT - RHSA-2004:421

REDHAT - RHSA-2004:402

CONFIRM - http://www.mozilla.org/projects/security/known-vulnerabilities.html

MISC - http://scary.beasts.org/security/CESA-2004-001.txt

APPLE - APPLE-SA-2004-09-09

CONECTIVA - CLA-2004:856

SCO - SCOSA-2005.49

MANDRIVA - MDKSA-2006:213

MANDRIVA - MDKSA-2006:212

MANDRAKE - MDKSA-2004:079

SUNALERT - 200663

SECUNIA - 22958

SECUNIA - 22957


Last Updated: 27 May 2016 10:38:40