CVE-2004-0597 – LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. • https://www.exploit-db.com/exploits/393 https://www.exploit-db.com/exploits/389 https://www.exploit-db.com/exploits/25094 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856 http://lists.apple.com/mhonarc/security-announce/msg00056.html http://marc.info/?l=bugtraq&m=109163866717909&w=2 http://marc.info/?l=bugtraq&m=109181639602978&w=2 http://marc.info/?l=bugtraq&m=1097612393 •
CVE-2004-1244
https://notcve.org/view.php?id=CVE-2004-1244
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability." • http://www.kb.cert.org/vuls/id/259890 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009 https://exchange.xforce.ibmcloud.com/vulnerabilities/19096 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1306 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1568 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A23 •
CVE-2003-1107
https://notcve.org/view.php?id=CVE-2003-1107
The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions. • http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B828026 http://www.kb.cert.org/vuls/id/222044 https://exchange.xforce.ibmcloud.com/vulnerabilities/13375 •
CVE-2003-0604
https://notcve.org/view.php?id=CVE-2003-0604
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. Windows Media Player (WMP) 7 y 8, corriendo en Internet Explorer y posiblemente otros productos de Microsoft que procesan HTML, permite a atacantes remotos saltarse restricciones de zona y acceder o ejecutar ficheros arbitrarios mediante una etiqueta IFRAME apuntando a un fichero ADF cuyo "Content-location" contiene una URL de tipo "File://". • http://marc.info/?l=bugtraq&m=105899261818572&w=2 http://marc.info/?l=bugtraq&m=105906867322856&w=2 http://marc.info/?l=ntbugtraq&m=105899408520292&w=2 http://marc.info/?l=ntbugtraq&m=105906261314411&w=2 http://www.malware.com/once.again%21.html http://www.pivx.com/larholm/unpatched •
CVE-2003-0348
https://notcve.org/view.php?id=CVE-2003-0348
A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. Un cierto control ActiveX de Microsoft Windows Media Player 9 Series permite a atacantes remotos ver y manipular la Libreria de Medios en el sistema local mediante script HTML. • http://www.kb.cert.org/vuls/id/320516 http://www.securityfocus.com/bid/8034 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-021 https://exchange.xforce.ibmcloud.com/vulnerabilities/12440 •