Vulnerability Details : CVE-2004-0597

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Vulnerability category: Execute code

Published 2004-11-23 05:00:00

Updated 2018-10-12 21:34:52

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2004-0597

Probability of exploitation activity in the next 30 days: 96.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2004-0597

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2004-0597

Products affected by CVE-2004-0597

Microsoft » Windows 98se
cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Media Player » Version: 9
cpe:2.3:a:microsoft:windows_media_player:9:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Me » Second Edition Edition
cpe:2.3:o:microsoft:windows_me:*:*:second_edition:*:*:*:*:*
Matching versions
Microsoft » Msn Messenger » Version: 6.1
cpe:2.3:a:microsoft:msn_messenger:6.1:*:*:*:*:*:*:*
Matching versions
Microsoft » Msn Messenger » Version: 6.2
cpe:2.3:a:microsoft:msn_messenger:6.2:*:*:*:*:*:*:*
Matching versions
Microsoft » Windows Messenger » Version: 5.0
cpe:2.3:a:microsoft:windows_messenger:5.0:*:*:*:*:*:*:*
Matching versions
Greg Roelofs » Libpng
Versions up to, including, (<=) 1.2.5
cpe:2.3:a:greg_roelofs:libpng:*:*:*:*:*:*:*:*
Matching versions