CVE-2004-0597

CVE Database · CVE-2004-0597

CVE-2004-0597

· N/AModified

CVSS v3.1

N/A

EPSS

82.54%

Published

Nov 23, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (4)

All weaponized →

Exploit-DBLibPNG 1.2.5 - 'png_jmpbuf()' Local Buffer Overflow Exploit-DBLibPNG Graphics Library - Remote Buffer Overflow Exploit-DBMicrosoft MSN Messenger 6.2.0137 - '.png' Remote Buffer Overflow TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.

Affected Products (7)

greg_roelofs · libpngvulnerable

microsoft · msn_messengervulnerable

microsoft · windows_media_playervulnerable

microsoft · windows_messengervulnerable

microsoft · windows_98sevulnerable

microsoft · windows_mevulnerable

References (20)

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856

http://lists.apple.com/mhonarc/security-announce/msg00056.html

http://marc.info/?l=bugtraq&m=109163866717909&w=2