CVE Vulnerabilities

CVE-2004-0421

Published: Aug 18, 2004 | Modified: Oct 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

Affected Software

Name Vendor Start Version End Version
Libpng Greg_roelofs 1.0 1.0
Libpng Greg_roelofs 1.0.5 1.0.5
Libpng Greg_roelofs 1.0.6 1.0.6
Libpng Greg_roelofs 1.0.7 1.0.7
Libpng Greg_roelofs 1.0.8 1.0.8
Libpng Greg_roelofs 1.0.9 1.0.9
Libpng Greg_roelofs 1.0.10 1.0.10
Libpng Greg_roelofs 1.0.11 1.0.11
Libpng Greg_roelofs 1.0.12 1.0.12
Libpng Greg_roelofs 1.0.13 1.0.13
Libpng Greg_roelofs 1.0.14 1.0.14
Libpng3 Greg_roelofs 1.2.0 1.2.0
Libpng3 Greg_roelofs 1.2.1 1.2.1
Libpng3 Greg_roelofs 1.2.2 1.2.2
Libpng3 Greg_roelofs 1.2.3 1.2.3
Libpng3 Greg_roelofs 1.2.4 1.2.4
Libpng3 Greg_roelofs 1.2.5 1.2.5
Openpkg Openpkg 1.3 1.3
Openpkg Openpkg 2.0 2.0
Libpng Redhat 1.2.2-16 1.2.2-16
Libpng Redhat 1.2.2-16 1.2.2-16
Libpng Redhat 1.2.2-20 1.2.2-20
Libpng Redhat 1.2.2-20 1.2.2-20
Libpng Redhat 10.1.0.13.8 10.1.0.13.8
Libpng Redhat 10.1.0.13.8 10.1.0.13.8
Libpng Redhat 10.1.0.13.11 10.1.0.13.11
Libpng Redhat 10.1.0.13.11 10.1.0.13.11
Red Hat Enterprise Linux 3 RedHat libpng-2:1.2.2-21 *
Red Hat Enterprise Linux 3 RedHat libpng10-0:1.0.13-12 *
Red Hat Linux 9 RedHat libpng *
Libpng Ubuntu dapper *
Libpng Ubuntu devel *
Libpng Ubuntu edgy *
Libpng Ubuntu feisty *
Libpng3 Ubuntu dapper *
Libpng3 Ubuntu edgy *

References