CVE-2004-0597
LibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
5
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-06-23 CVE Reserved
- 2004-08-05 CVE Published
- 2004-08-11 First Exploit
- 2024-08-08 CVE Updated
- 2024-08-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (47)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/393 | 2004-08-13 | |
https://www.exploit-db.com/exploits/389 | 2004-08-11 | |
https://www.exploit-db.com/exploits/25094 | 2005-02-08 | |
http://scary.beasts.org/security/CESA-2004-001.txt | 2024-08-08 | |
http://www.securityfocus.com/bid/10857 | 2024-08-08 |
URL | Date | SRC |
---|---|---|
http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679 | 2018-10-12 | |
http://www.debian.org/security/2004/dsa-536 | 2018-10-12 | |
http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml | 2018-10-12 | |
http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml | 2018-10-12 | |
http://www.novell.com/linux/security/advisories/2004_23_libpng.html | 2018-10-12 | |
http://www.trustix.net/errata/2004/0040 | 2018-10-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Greg Roelofs Search vendor "Greg Roelofs" | Libpng Search vendor "Greg Roelofs" for product "Libpng" | <= 1.2.5 Search vendor "Greg Roelofs" for product "Libpng" and version " <= 1.2.5" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 6.1 Search vendor "Microsoft" for product "Msn Messenger" and version "6.1" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Msn Messenger Search vendor "Microsoft" for product "Msn Messenger" | 6.2 Search vendor "Microsoft" for product "Msn Messenger" and version "6.2" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Media Player Search vendor "Microsoft" for product "Windows Media Player" | 9 Search vendor "Microsoft" for product "Windows Media Player" and version "9" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Messenger Search vendor "Microsoft" for product "Windows Messenger" | 5.0 Search vendor "Microsoft" for product "Windows Messenger" and version "5.0" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows 98se Search vendor "Microsoft" for product "Windows 98se" | * | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Windows Me Search vendor "Microsoft" for product "Windows Me" | * | second_edition |
Affected
|