CVE - CVE - 2004 - 0597

CVE-ID
cve - 2004 - 0597	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
多个缓冲区溢出libpng 1.2.5早些时候,用于多个产品,允许远程攻击者执行任意代码通过畸形PNG图像,(1)png_handle_tRNS函数不正确验证透明度(环境)的数据块的长度,或(2)png_handle_sBIT或(3)png_handle_hIST函数不执行足够的边界检查。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
苹果:苹果- sa - 2004 - 09 - 09年 URL: http://lists.apple.com/mhonarc/security-announce/msg00056.html 报价:10857 URL: http://www.securityfocus.com/bid/10857 报价:15495 URL: http://www.securityfocus.com/bid/15495 BUGTRAQ: 20040804 [OpenPKG - sa - 2004.035] OpenPKG安全顾问(png) URL: http://marc.info/?l=bugtraq&m=109163866717909&w=2 BUGTRAQ: 20050209 MSN Messenger PNG图像下载Shellcoded利用缓冲区溢出 URL: http://marc.info/?l=bugtraq&m=110796779903455&w=2 证书:ta04 - 217 a URL: http://www.us cert.gov/cas/techalerts/ta04 - 217 a.html 证书:ta05 - 039 a URL: http://www.us cert.gov/cas/techalerts/ta05 - 039 a.html CERT-VN: VU # 388984 URL: http://www.kb.cert.org/vuls/id/388984 CERT-VN: VU # 817368 URL: http://www.kb.cert.org/vuls/id/817368 CONECTIVA: CLA-2004:856 URL:~~http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000856~~(过时的源-检查机器Wayback存档) 确认:~~http://sunsolve.sun.com/search/document.do?assetkey=urn: cd: docid: 1-21-114816-02-1~~(过时的来源) 确认:http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679 确认:http://www.mozilla.org/projects/security/known-vulnerabilities.html DEBIAN: dsa - 536 URL: http://www.debian.org/security/2004/dsa - 536 FEDORA:《公平劳动标准法案》的规定:1943 URL: https://bugzilla.fedora.us/show_bug.cgi?id=1943 FEDORA:《公平劳动标准法案》的规定:2089 URL: http://marc.info/?l=bugtraq&m=109900315219363&w=2 GENTOO: glsa - 200408 - 03 URL: http://www.gentoo.org/security/en/glsa/glsa - 200408 - 03. - xml GENTOO: glsa - 200408 - 22所示 URL: http://www.gentoo.org/security/en/glsa/glsa - 200408 - 22. - xml 惠普:SSRT4778 URL: http://marc.info/?l=bugtraq&m=109181639602978&w=2 曼德拉草:MDKSA-2004:079 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2004:079~~(过时的来源) MANDRIVA: MDKSA-2006:212 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:212~~(过时的来源) MANDRIVA: MDKSA-2006:213 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:213~~(过时的来源) MISC: http://scary.beasts.org/security/cesa - 2004 - 001. - txt MISC: http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10 迈克尔-舒马赫:ms05 - 009 URL: https://docs.microsoft.com/en - us/security updates/securitybulletins/2005/ms05 - 009 椭圆形椭圆形:org.mitre.oval: def: 11284 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11284 椭圆形椭圆形:org.mitre.oval: def: 2274 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2274 椭圆形椭圆形:org.mitre.oval: def: 2378 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2378 椭圆形椭圆形:org.mitre.oval: def: 4492 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4492 椭圆形椭圆形:org.mitre.oval: def: 594 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A594 椭圆形椭圆形:org.mitre.oval: def: 7709 URL: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7709 红帽:RHSA-2004:402 URL: http://www.redhat.com/support/errata/rhsa - 2004 - 402. - html 红帽:RHSA-2004:421 URL: http://www.redhat.com/support/errata/rhsa - 2004 - 421. - html 红帽:RHSA-2004:429 URL: http://www.redhat.com/support/errata/rhsa - 2004 - 429. - html 上海合作组织:scosa - 2004.16 URL: http://marc.info/?l=bugtraq&m=109761239318458&w=2 上海合作组织:scosa - 2005.49 URL: ftp://ftp.sco.com/pub/updates/openserver/scosa - 2005.49 / - scosa 2005.49.txt SECUNIA: 22957 URL: http://secunia.com/advisories/22957 SECUNIA: 22958 URL: http://secunia.com/advisories/22958 SUNALERT: 200663 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1 - 66 - 200663 - 1~~(过时的来源) SUSE: SUSE-SA: 2004:023 URL: http://www.novell.com/linux/security/advisories/2004_23_libpng.html TRUSTIX: 2004 - 0040 URL:~~http://www.trustix.net/errata/2004/0040/~~(过时的源-检查机器Wayback存档) 核心VULNWATCH: 20050208 - 2004 - 0819: MSN Messenger PNG图像解析漏洞 XF: libpng-pnghandle-bo (16894) URL: https://exchange.xforce.ibmcloud.com/vulnerabilities/16894
分配中央社
主教法冠公司
创建日期记录
20040623	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20040623)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2004 - 0597