Multiple buffer overflows in libpng 1.2.5 and previous versions, as used in multiple products, allow remote malicious users to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft windows messenger 5.0 |
||
greg roelofs libpng |
||
microsoft msn messenger 6.1 |
||
microsoft msn messenger 6.2 |
||
microsoft windows media player 9 |
||
microsoft windows 98se |
||
microsoft windows me |