Skip to content
Medium Published: Aug 18, 2004 Modified: Apr 03, 2025

CVE-2004-0421

5 CVSS Score Medium
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Export CVE-2004-0421 Data:
Share:
Link copied!

Description

The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality None
Integrity None
Availability P

Affected Software Configurations

  • a libpng libpng 1.0.0 * * * * * * *
  • a libpng libpng 1.0.5 * * * * * * *
  • a libpng libpng 1.0.6 * * * * * * *
  • a libpng libpng 1.0.7 * * * * * * *
  • a libpng libpng 1.0.8 * * * * * * *
  • a libpng libpng 1.0.9 * * * * * * *
  • a libpng libpng 1.0.10 * * * * * * *
  • a libpng libpng 1.0.11 * * * * * * *
  • a libpng libpng 1.0.12 * * * * * * *
  • a libpng libpng 1.0.13 * * * * * * *

Weaknesses (CWE)

  • CWE-125

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2004-0183 CVSS 0 Same weakness: CWE-125 CVE-2004-0184 CVSS 0 Same weakness: CWE-125 CVE-2004-0221 CVSS 0 Same weakness: CWE-125 CVE-2004-0112 CVSS 0 Same weakness: CWE-125 CVE-2004-1940 CVSS 0 Same weakness: CWE-125

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 18, 2016 02:45 CVE Modified
Jul 11, 2017 01:30 CVE Modified
Oct 11, 2017 01:29 CVE Modified
Feb 09, 2024 00:27 Modified Analysis
May 14, 2024 01:25 CVE Modified
Nov 20, 2024 23:48 CVE Modified
← Back to CVE Tracker