Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2004-0597

Date: August 4, 2004

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Severity Score

Related Resources (45)

http://www.us-cert.gov/cas/techalerts/TA05-039A.html
http://www.mozilla.org/projects/security/known-vulnerabilities.html
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://www.trustix.net/errata/2004/0040/
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-009
http://lists.apple.com/mhonarc/security-announce/msg00056.html
http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml
http://www.novell.com/linux/security/advisories/2004_23_libpng.html
http://www.debian.org/security/2004/dsa-536
http://www.mandriva.com/security/advisories?name=MDKSA-2006:212
http://www.securityfocus.com/bid/10857
http://www.kb.cert.org/vuls/id/388984
http://www.mandriva.com/security/advisories?name=MDKSA-2006:213
https://bugzilla.fedora.us/show_bug.cgi?id=1943
http://www.redhat.com/support/errata/RHSA-2004-429.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284
https://exchange.xforce.ibmcloud.com/vulnerabilities/16894
http://sunsolve.sun.com/search/document.do?assetkey=urn:cds:docid:1-21-114816-02-1
http://www.securityfocus.com/bid/15495
http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679
http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml
http://secunia.com/advisories/22958
https://nvd.nist.gov/vuln/detail/CVE-2004-0597
http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10
https://people.canonical.com/~ubuntu-security/cve/CVE-2004-0597
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492
http://marc.info/?l=bugtraq&m=110796779903455&w=2
http://www.redhat.com/support/errata/RHSA-2004-421.html
http://marc.info/?l=bugtraq&m=109900315219363&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274
http://scary.beasts.org/security/CESA-2004-001.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2004:079
http://marc.info/?l=bugtraq&m=109761239318458&w=2
http://secunia.com/advisories/22957
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378
http://marc.info/?l=bugtraq&m=109181639602978&w=2
http://marc.info/?l=bugtraq&m=109163866717909&w=2
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594
http://www.us-cert.gov/cas/techalerts/TA04-217A.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709
http://www.kb.cert.org/vuls/id/817368
http://www.redhat.com/support/errata/RHSA-2004-402.html
https://www.mend.io/vulnerability-database/CVE-2004-0597

Severity Score

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us