What is CVE-2004-0597?

CVE-2004-0597 is a vulnerability in N/a. Published 2004-08-05.

Is CVE-2004-0597 known to be exploited?

4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2004-0597

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length…

EPSS: 0.832 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

2004-0040 (vendor-advisory, x_refsource_TRUSTIX)
200663 (vendor-advisory, x_refsource_SUNALERT)
oval:org.mitre.oval:def:2274 (signature, x_refsource_OVAL, vdb-entry)
www.mozilla.org/projects/security/known-vulnerabilities.html (x_refsource_CONFIRM)
RHSA-2004:421 (x_refsource_REDHAT, vendor-advisory)
RHSA-2004:402 (x_refsource_REDHAT, vendor-advisory)
GLSA-200408-22 (vendor-advisory, x_refsource_GENTOO)
22958 (x_refsource_SECUNIA, third-party-advisory)
sunsolve.sun.com/search/document.do (x_refsource_CONFIRM)
FLSA:2089 (vendor-advisory, x_refsource_FEDORA)

Frequently asked questions

What is CVE-2004-0597?: CVE-2004-0597 is a vulnerability in N/a. Published 2004-08-05.
Is CVE-2004-0597 known to be exploited?: 4 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.