Published: 20/10/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

libpng 1.2.5 and previous versions does not properly calculate certain buffer offsets, which could allow remote malicious users to execute arbitrary code via a buffer overflow attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
greg roelofs libpng3 1.2.3
greg roelofs libpng3 1.2.4
greg roelofs libpng3 1.2.5
greg roelofs libpng3 1.2.0
greg roelofs libpng3 1.2.1
greg roelofs libpng3 1.2.2

Chris Evans discovered several vulnerabilities in libpng: CAN-2004-0597 Multiple buffer overflows exist, including when handling transparency chunk data, which could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed CAN-2004-0598 Multiple NULL pointer dereferences in png_handle_iCPP() and els ...

NVD-CWE-Other http://www.debian.org/security/2004/dsa-536 https://bugzilla.fedora.us/show_bug.cgi?id=1943 http://secunia.com/advisories/33137 http://security.gentoo.org/glsa/glsa-200812-15.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/16914 https://nvd.nist.gov https://www.debian.org/security/./dsa-536

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2004-0768

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect