NEC Corporation Information for VU#817368
libpng png_handle_sBIT() performs insufficient bounds checking
- Vendor Information Help Date Notified: 16 Jul 2004
- Statement Date:
- Date Updated: 03 Aug 2004
sent on August 2, 2004
* E-mail client software "WeMail"
(shareware developped by NEC Communication Systems,Ltd.)
- is NOT vulnerable.
It does not include any code originated from libPNG.
* We continue to try to investigate other products possibly affected
by these vulnerabilities.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.