Title
Уязвимость в de-netscape7, firefox, fr-netscape7, ja-netscape7, ja-netscape-communicator-linux, ja-netscape-navigator-linux, ko-netscape-communicator-linux, ko-netscape-navigator-linux, linux-mozilla, linux-mozilla-devel, linux-netscape-communicator, linux-netscape-navigator, linux-png, mozilla, mozilla-gtk1, netscape7, netscape-communicator, netscape-navigator, png, pt_BR-netscape7, thunderbird (CVE-2004-0597)
Description
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.