Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2004-0597

Опубликовано: 23 нояб. 2004
Источник: ubuntu
Приоритет: medium
EPSS Высокий
CVSS2: 10

Описание

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

РелизСтатусПримечание
dapper

released

1.2.8rel-5ubuntu0.2
devel

released

1.2.15~beta5-2
edgy

released

1.2.8rel-5.1ubuntu0.2
feisty

released

1.2.15~beta5-1ubuntu1
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

1.2.8rel-1ubuntu3
devel

DNE

edgy

released

1.2.8rel-1ubuntu3
feisty

DNE

upstream

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 99%
0.84316
Высокий

10 Critical

CVSS2

Связанные уязвимости

redhat
около 21 года назад

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

nvd
больше 20 лет назад

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

debian
больше 20 лет назад

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in mult ...

github
больше 3 лет назад

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

fstec
больше 20 лет назад

Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации

EPSS

Процентиль: 99%
0.84316
Высокий

10 Critical

CVSS2