Vulnerability Note VU#817368
libpng png_handle_sBIT() performs insufficient bounds checking
The Portable Network Graphics library (libpng) contains a flaw that could introduce a remotely exploitable vulnerability.
The Portable Network Graphics (PNG) image format is used as an alternative to other image formats such as the Graphics Interchange Format (GIF). The libpng reference library is available for application developers to support the PNG image format.
A potentially insufficient bounds check error exists within the png_handle_sBIT() function. A similar error exists in the png_handle_hIST() function. While the code that contains these errors could potentially permit a buffer overflow to occur during a subsequent png_crc_read() operation, it is unclear what practical vulnerabilities they might present in applications using libpng.
The complete impact of this vulnerability is not yet known.
Apply a patch from the vendor
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Gentoo||Affected||-||20 Aug 2004|
|libpng.org||Affected||16 Jul 2004||04 Aug 2004|
|Microsoft Corporation||Affected||16 Jul 2004||14 Jun 2005|
|OpenPKG||Affected||-||20 Aug 2004|
|Slackware||Affected||-||20 Aug 2004|
|Trustix Secure Linux||Affected||-||20 Aug 2004|
|Juniper Networks||Not Affected||16 Jul 2004||23 Jul 2004|
|NEC Corporation||Not Affected||16 Jul 2004||03 Aug 2004|
|Apple Computer Inc.||Unknown||16 Jul 2004||17 May 2005|
|BSDI||Unknown||-||23 Jul 2004|
|Conectiva||Unknown||-||23 Jul 2004|
|Cray Inc.||Unknown||-||23 Jul 2004|
|Debian||Unknown||-||23 Jul 2004|
|eMC Corporation||Unknown||-||23 Jul 2004|
|Engarde||Unknown||-||23 Jul 2004|
CVSS Metrics (Learn More)
Thanks to Chris Evans for reporting this vulnerability.
This document was written by Chad Dougherty and Damon Morda.
- CVE IDs: CAN-2004-0597
- Date Public: 04 Aug 2004
- Date First Published: 04 Aug 2004
- Date Last Updated: 14 Jun 2005
- Severity Metric: 0.76
- Document Revision: 18
If you have feedback, comments, or additional information about this vulnerability, please send us email.