CVE-2004-0421
CAN-2004-0421 libpng can access out of bounds memory
Severity Score: 5.0 (CVSS v2)
Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Credits: N/A
Timeline
- 2004-04-19 CVE Reserved
- 2004-05-03 CVE Published
- 2024-05-20 EPSS Updated
- 2024-08-08 CVE Updated
CWE
- CWE-125: Out-of-bounds Read
References (19)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=bugtraq&m=108334922320309&w=2 | Mailing List | |
http://secunia.com/advisories/22957 | Broken Link | |
http://secunia.com/advisories/22958 | Broken Link | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16022 | Broken Link | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710 | Broken Link | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971 | Broken Link |
URL | Date | SRC |
---|---|---|
http://www.redhat.com/support/errata/RHSA-2004-180.html | 2024-02-09 | |
http://www.securityfocus.com/bid/10244 | 2024-02-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Libpng | Libpng | 1.0.0 | - | Affected |
Libpng | Libpng | 1.0.5 | - | Affected |
Libpng | Libpng | 1.0.6 | - | Affected |
Libpng | Libpng | 1.0.7 | - | Affected |
Libpng | Libpng | 1.0.8 | - | Affected |
Libpng | Libpng | 1.0.9 | - | Affected |
Libpng | Libpng | 1.0.10 | - | Affected |
Libpng | Libpng | 1.0.11 | - | Affected |
Libpng | Libpng | 1.0.12 | - | Affected |
Libpng | Libpng | 1.0.13 | - | Affected |
Libpng | Libpng | 1.0.14 | - | Affected |
Libpng | Libpng | 1.2.0 | - | Affected |
Libpng | Libpng | 1.2.1 | - | Affected |
Libpng | Libpng | 1.2.2 | - | Affected |
Libpng | Libpng | 1.2.3 | - | Affected |
Libpng | Libpng | 1.2.4 | - | Affected |
Libpng | Libpng | 1.2.5 | - | Affected |
Openpkg | Openpkg | 1.3 | - | Affected |
Openpkg | Openpkg | 2.0 | - | Affected |
Redhat | Libpng | 1.2.2-16 | - | Affected |
Redhat | Libpng | 1.2.2-20 | - | Affected |
Redhat | Enterprise Linux | 2.1 | - | Affected |
Redhat | Enterprise Linux | 3.0 | - | Affected |
Redhat | Enterprise Linux Desktop | 3.0 | - | Affected |
Trustix | Secure Linux | 2.0 | - | Affected |
Trustix | Secure Linux | 2.1 | - | Affected |