CVE-2004-0597

Impact:
Critical
Public Date:
2004-08-04

The MITRE CVE dictionary describes this issue as:

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Find out more about CVE-2004-0597 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 2.1 (libpng) RHSA-2004:402 2004-08-04
Red Hat Enterprise Linux 3 RHSA-2004:402 2004-08-04
Red Hat Enterprise Linux 2.1 RHSA-2004:429 2004-08-18
Red Hat Enterprise Linux 2.1 RHSA-2004:421 2004-08-04
Red Hat Enterprise Linux 3 (mozilla) RHSA-2004:421 2004-08-04

Acknowledgements

Red Hat would like to thank Chris Evans for discovering these issues.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.