Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2004-0421

Published: 18/08/2004 Updated: 09/02/2024
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Openpkg

Vulnerability Summary

The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

Vulnerable Product Search on Vulmon Subscribe to Product

openpkg openpkg 2.0

libpng libpng 1.2.2

libpng libpng 1.0.8

libpng libpng 1.2.4

libpng libpng 1.0.14

libpng libpng 1.2.0

openpkg openpkg 1.3

libpng libpng 1.0.11

libpng libpng 1.0.9

libpng libpng 1.0.13

libpng libpng 1.0.6

libpng libpng 1.0.7

libpng libpng 1.2.3

libpng libpng 1.0.5

libpng libpng 1.2.1

redhat libpng 1.2.2-16

libpng libpng 1.0.12

libpng libpng 1.2.5

libpng libpng 1.0.0

redhat libpng 1.2.2-20

libpng libpng 1.0.10

trustix secure linux 2.0

redhat enterprise linux desktop 3.0

redhat enterprise linux 2.1

trustix secure linux 2.1

redhat enterprise linux 3.0

Vendor Advisories

Red Hat: libpng security update
Synopsis libpng security update Type/Severity Security Advisory: Important Topic Updated libpng packages that fix a out of bounds memory access are nowavailable Description The libpng package contains a library of functions for creating andmanipulating PNG (Portable Network Graphics) image ...
Debian CVElist Bug Report Logs: CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1.2.23+
Debian Bug report logs - #632786 CVE-2011-2501 libpng: regression of CVE-2004-0421 in 1223+ Package: libpng; Maintainer for libpng is Anibal Monsalve Salazar <anibal@debianorg>; Reported by: Aníbal Monsalve Salazar <anibal@debianorg> Date: Tue, 5 Jul 2011 23:03:02 UTC Severity: critical Tags: patch, security F ...
Debian Security Advisories: DSA-498-1 libpng -- out of bound access
Steve Grubb discovered a problem in the Portable Network Graphics library libpng which is utilised in several applications When processing a broken PNG image, the error handling routine will access memory that is out of bounds when creating an error message Depending on machine architecture, bounds checking and other protective measures, this pro ...

References

CWE-125http://www.securityfocus.com/bid/10244http://www.redhat.com/support/errata/RHSA-2004-180.htmlhttp://lists.apple.com/mhonarc/security-announce/msg00056.htmlhttp://www.debian.org/security/2004/dsa-498http://www.redhat.com/support/errata/RHSA-2004-181.htmlhttp://secunia.com/advisories/22957http://secunia.com/advisories/22958http://www.mandriva.com/security/advisories?name=MDKSA-2004:040http://www.mandriva.com/security/advisories?name=MDKSA-2006:212http://www.mandriva.com/security/advisories?name=MDKSA-2006:213http://marc.info/?l=bugtraq&m=108334922320309&w=2http://marc.info/?l=bugtraq&m=108335030208523&w=2http://marc.info/?l=fedora-announce-list&m=108451350029261&w=2http://marc.info/?l=fedora-announce-list&m=108451353608968&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/16022https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A971https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11710https://access.redhat.com/errata/RHSA-2004:180https://www.debian.org/security/./dsa-498https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook