libpng buffer overflowID: oval:org.mitre.oval:def:7709 | Date: (C)2010-01-15 (M)2022-03-31 |
Class: VULNERABILITY | Family: windows |
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
Platform: |
Microsoft Windows 98 |
Microsoft Windows ME |
Microsoft Windows NT |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows 7 |
Product: |
Microsoft Windows Messenger |
Microsoft MSN Messenger |
Adobe Acrobat Reader |