1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
PublicDate: 2004-11-23
Candidate: CVE-2004-0597
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0597
Description:
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple
products, allow remote attackers to execute arbitrary code via malformed
PNG images in which (1) the png_handle_tRNS function does not properly
validate the length of transparency chunk (tRNS) data, or the (2)
png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient
bounds checking.
Ubuntu-Description:
Notes:
Bugs:
dapper_libpng: released (1.2.8rel-5ubuntu0.2)
edgy_libpng: released (1.2.8rel-5.1ubuntu0.2)
feisty_libpng: released (1.2.15~beta5-1ubuntu1)
devel_libpng: released (1.2.15~beta5-2)
dapper_libpng3: released (1.2.8rel-1ubuntu3)
edgy_libpng3: released (1.2.8rel-1ubuntu3)
feisty_libpng3: DNE
devel_libpng3: DNE
upstream_libpng:
upstream_libpng3:
|