OSV:DSA-536
Aug 04, 2004 - 12:00 a.m.

libpng - several vulnerabilities

Source: Google (osv.dev)

CVSS2: 10 High

  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Chris Evans discovered several vulnerabilities in libpng:

  • CAN-2004-0597
    Multiple buffer overflows exist, including when
    handling transparency chunk data, which could be exploited to cause
    arbitrary code to be executed when a specially crafted PNG image is
    processed

  • CAN-2004-0598
    Multiple NULL pointer dereferences in
    png_handle_iCCP() and elsewhere could be exploited to cause an
    application to crash when a specially crafted PNG image is processed

  • CAN-2004-0599
    Multiple integer overflows in the png_handle_sPLT() and
    png_read_png() functions and elsewhere could be exploited to cause an
    application to crash, or potentially arbitrary code to be executed,
    when a specially crafted PNG image is processed

In addition, a bug related to CAN-2002-1363 was fixed:

  • CAN-2004-0768
    A buffer overflow could be caused by incorrect
    calculation of buffer offsets, possibly leading to the execution of
    arbitrary code

For the current stable distribution (woody), these problems have been
fixed in libpng3 version 1.2.1-1.1.woody.7 and libpng version
1.0.12-3.woody.7.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you update your libpng and libpng3 packages.
