FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2004-0421

This CVE name corresponds to:

Entered Topic
2004-05-02 libpng denial-of-service

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2004-0421
Phase Assigned (20040419)

Description

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

References

Source Reference
APPLE APPLE-SA-2004-09-09
DEBIAN DSA-498
MANDRAKE MDKSA-2004:040
MANDRIVA MDKSA-2006:212
MANDRIVA MDKSA-2006:213
REDHAT RHSA-2004:180
REDHAT RHSA-2004:181
BUGTRAQ 20040429 [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png)
TRUSTIX 2004-0025
FEDORA FEDORA-2004-105
FEDORA FEDORA-2004-106
BID 10244
OVAL oval:org.mitre.oval:def:11710
SECUNIA 22957
SECUNIA 22958
XF libpng-png-dos(16022)
OVAL oval:org.mitre.oval:def:971