OpenBSD VuXML: Documenting security issues in the OpenBSD Ports & Packages Collection

png -- stack-based buffer overflow and other code concerns

Affected packages
		png	<	1.2.5p5

Details

VuXML ID	6be50b40-e72e-11d8-8bde-00304f19272c
Discovery	2004-08-04
Entry	2004-08-04
Modified	2004-08-05

Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS (Denial of Service).

References

CERT/CC Vulnerability Note	160448
CERT/CC Vulnerability Note	236656
CERT/CC Vulnerability Note	286464
CERT/CC Vulnerability Note	388984
CERT/CC Vulnerability Note	477512
CERT/CC Vulnerability Note	817368
CVE Name	CAN-2004-0597
CVE Name	CAN-2004-0598
CVE Name	CAN-2004-0599
Message	Pine.LNX.4.58.0408041840080.20655@sphinx.mythic-beasts.com
URL	http://bugzilla.mozilla.org/show_bug.cgi?id=251381
URL	http://scary.beasts.org/security/CESA-2004-001.txt
URL	http://www.osvdb.org/8312
URL	http://www.osvdb.org/8313
URL	http://www.osvdb.org/8314
URL	http://www.osvdb.org/8315
URL	http://www.osvdb.org/8316

Copyright © 2003-2005 Jacques Vidrine, Robert Nagy, and contributors.
Please see the source of this document for full copyright information.