NEC Corporation Information for VU#817368

libpng png_handle_sBIT() performs insufficient bounds checking

Status

Not Affected

Vendor Statement

sent on August 2, 2004

[Software Products]

* E-mail client software "WeMail"
  (shareware developped by NEC Communication Systems,Ltd.)
- is NOT vulnerable.
It does not include any code originated from libPNG.

* We continue to try to investigate other products possibly affected
  by these vulnerabilities.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.