CVE - CVE-2004-0598

CVE-ID
CVE-2004-0598	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2004-09-09 URL:http://lists.apple.com/mhonarc/security-announce/msg00056.html BID:10857 URL:http://www.securityfocus.com/bid/10857 BUGTRAQ:20040804 [OpenPKG-SA-2004.035] OpenPKG Security Advisory (png) URL:http://marc.info/?l=bugtraq&m=109163866717909&w=2 CERT:TA04-217A URL:http://www.us-cert.gov/cas/techalerts/TA04-217A.html CERT-VN:VU#236656 URL:http://www.kb.cert.org/vuls/id/236656 CONECTIVA:CLA-2004:856 URL:~~http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856~~ (Obsolete source - check if archived by the Wayback Machine) CONFIRM:http://www.mozilla.org/projects/security/known-vulnerabilities.html DEBIAN:DSA-536 URL:http://www.debian.org/security/2004/dsa-536 FEDORA:FLSA:1943 URL:https://bugzilla.fedora.us/show_bug.cgi?id=1943 GENTOO:GLSA-200408-03 URL:http://www.gentoo.org/security/en/glsa/glsa-200408-03.xml GENTOO:GLSA-200408-22 URL:http://www.gentoo.org/security/en/glsa/glsa-200408-22.xml HP:SSRT4778 URL:http://marc.info/?l=bugtraq&m=109181639602978&w=2 MANDRAKE:MDKSA-2004:079 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2004:079~~ (Obsolete source) MANDRIVA:MDKSA-2006:212 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:212~~ (Obsolete source) MANDRIVA:MDKSA-2006:213 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:213~~ (Obsolete source) MISC:http://scary.beasts.org/security/CESA-2004-001.txt OVAL:oval:org.mitre.oval:def:10203 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10203 OVAL:oval:org.mitre.oval:def:2572 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2572 REDHAT:RHSA-2004:402 URL:http://www.redhat.com/support/errata/RHSA-2004-402.html REDHAT:RHSA-2004:429 URL:http://www.redhat.com/support/errata/RHSA-2004-429.html SCO:SCOSA-2004.16 URL:http://marc.info/?l=bugtraq&m=109761239318458&w=2 SECUNIA:22957 URL:http://secunia.com/advisories/22957 SECUNIA:22958 URL:http://secunia.com/advisories/22958 SUNALERT:200663 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-66-200663-1~~ (Obsolete source) SUSE:SUSE-SA:2004:023 URL:http://www.novell.com/linux/security/advisories/2004_23_libpng.html TRUSTIX:2004-0040 URL:~~http://www.trustix.net/errata/2004/0040/~~ (Obsolete source - check if archived by the Wayback Machine) XF:libpng-pnghandleiccp-dos(16895) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/16895
Assigning CNA
MITRE Corporation
Date Record Created
20040623	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20040623)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)