DescriptionMultiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
|National Vulnerability Database|
- SUSE-SA:2004:023, published Wednesday, Aug 4th 2004 16:00 MEST
- SUSE-SA:2004:030, published Monday, Sept 6th 15:00:00 MEST 2004
- SUSE-SA:2004:032, published Wednesday, Sep 15th 2004 16:00 MEST
- SUSE-SA:2004:033, published Wednesday, Sep 17th 2004 12:00 MEST
- SUSE-SA:2004:034, published Friday, Sep 17th 2004 14:23 MEST
- SUSE-SA:2004:035, published Tuesday, Oct 5th 2004 16:53:01 MEST