Signature Detail

HTTP: Invalid PNG Height

This signature detects PNG (Portable Network Graphic) files with invalid height parameters. Programs such as Web browsers or e-mail clients might be vulnerable to denial of service attacks or can execute code when reading malicious PNG files.

Extended Description

The GD Graphics Library (gdlib) is affected by an integer overflow that facilitates a heap overflow. This issue is due to the library's failure to do proper sanity checking on size values contained within image-format files. An attacker may leverage this issue to manipulate process heap memory, potentially leading to code execution and compromise of the computer running the affected library.

Affected Products

• Avaya Converged Communications Server 2.0.0
• Avaya Intuity LX
• Avaya MN100
• Avaya Modular Messaging S3400
• Avaya Modular Messaging (MSS) 1.1.0
• Avaya Modular Messaging (MSS) 2.0.0
• Avaya Network Routing
• Avaya S8300 R2.0.0
• Avaya S8300 R2.0.1
• Avaya S8500 R2.0.0
• Avaya S8500 R2.0.1
• Avaya S8700 R2.0.0
• Avaya S8700 R2.0.1
• Avaya S8710 R2.0.0
• Avaya S8710 R2.0.1
• GD Graphics Library gdlib 1.8.4
• GD Graphics Library gdlib 2.0.1
• GD Graphics Library gdlib 2.0.15
• GD Graphics Library gdlib 2.0.20
• GD Graphics Library gdlib 2.0.21
• GD Graphics Library gdlib 2.0.22
• GD Graphics Library gdlib 2.0.23
• GD Graphics Library gdlib 2.0.26
• GD Graphics Library gdlib 2.0.27
• GD Graphics Library gdlib 2.0.28
• Gentoo Linux
• Mandriva Corporate Server 3.0.0
• Mandriva Corporate Server 3.0.0 X86 64
• Mandriva Linux Mandrake 10.2.0
• Mandriva Linux Mandrake 10.2.0 X86 64
• Mandriva Linux Mandrake 2006.0.0
• Mandriva Linux Mandrake 2006.0.0 X86 64
• Mandriva Multi Network Firewall 2.0.0
• OpenPKG 2.1.0
• OpenPKG 2.2.0
• OpenPKG Current
• Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
• Red Hat Desktop 3.0.0
• Red Hat Enterprise Linux AS 2.1
• Red Hat Enterprise Linux AS 3
• Red Hat Enterprise Linux ES 2.1
• Red Hat Enterprise Linux ES 3
• Red Hat Enterprise Linux WS 2.1
• Red Hat Enterprise Linux WS 3
• rPath rPath Linux 1
• SGI Advanced Linux Environment 3.0.0
• SGI ProPack 3.0.0
• SuSE Linux 8.0.0
• SuSE Linux 8.1.0
• SuSE Linux Desktop 1.0.0
• SuSE Linux Personal 10.0.0 OSS
• SuSE Linux Personal 8.2.0
• SuSE Linux Personal 9.0.0
• SuSE Linux Personal 9.0.0 X86 64
• SuSE Linux Personal 9.1.0
• SuSE Linux Personal 9.1.0 X86 64
• SuSE Linux Personal 9.2.0
• SuSE Linux Personal 9.2.0 X86 64
• SuSE Linux Personal 9.3.0
• SuSE Linux Personal 9.3.0 X86 64
• SuSE Linux Professional 10.0.0 OSS
• SuSE Linux Professional 8.2.0
• SuSE Linux Professional 9.0.0
• SuSE Linux Professional 9.0.0 X86 64
• SuSE Linux Professional 9.1.0
• SuSE Linux Professional 9.1.0 X86 64
• SuSE Linux Professional 9.2.0
• SuSE Linux Professional 9.2.0 X86 64
• SuSE Linux Professional 9.3.0
• SuSE Linux Professional 9.3.0 X86 64
• SuSE Novell Linux Desktop 9.0.0
• SuSE Open-Enterprise-Server 9.0.0
• SuSE SUSE Linux Enterprise Server 8
• SuSE SUSE Linux Enterprise Server 9
• SuSE SuSE Linux Openexchange Server 4.0.0
• SuSE SUSE LINUX Retail Solution 8.0.0
• SuSE SuSE Linux School Server for i386
• SuSE SuSE Linux Standard Server 8.0.0
• Trustix Secure Enterprise Linux 2.0.0
• Trustix Secure Linux 1.5.0
• Trustix Secure Linux 2.0.0
• Trustix Secure Linux 2.1.0
• Trustix Secure Linux 2.2.0
• Turbolinux Appliance Server 2.0
• Turbolinux FUJI
• Turbolinux Home
• Turbolinux 10 F...
• Turbolinux FUJI
• Turbolinux Turbolinux Desktop 10.0.0
• Turbolinux Turbolinux Server 10.0.0
• Turbolinux Turbolinux Server 10.0.0 X64
• Ubuntu Ubuntu Linux 4.1.0 Ia32
• Ubuntu Ubuntu Linux 4.1.0 Ia64
• Ubuntu Ubuntu Linux 4.1.0 Ppc

References

• BugTraq: 11523
• CVE: CVE-2004-0990
• URL: http://xforce.iss.net/xforce/xfdb/17866