FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

libpng denial-of-service

Affected packages
linux-png <= 1.0.14_3
1.2 <= linux-png <= 1.2.2
png < 1.2.5_4

Details

VuXML ID 3a408f6f-9c52-11d8-9366-0020ed76ef5a
Discovery 2004-04-29
Entry 2004-05-02
Modified 2004-08-12

Steve Grubb reports a buffer read overrun in libpng's png_format_buffer function. A specially constructed PNG image processed by an application using libpng may trigger the buffer read overrun and possibly result in an application crash.

References

Bugtraq ID 10244
CVE Name CVE-2004-0421
URL http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120508
URL http://rhn.redhat.com/errata/RHSA-2004-181.html
URL http://secunia.com/advisories/11505
URL http://www.osvdb.org/5726