Microsoft Various Products PNG Image Parsing Vulnerabilities
Secunia Advisory: SA14174
Release Date: 2005-02-08
Last Update: 2005-11-21
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
OS: Microsoft Windows 98, Microsoft Windows 98 Second Edition, Microsoft Windows Millennium, Microsoft Windows XP Embedded, Microsoft Windows XP Home Edition, Microsoft Windows XP Professional
Software: Microsoft MSN Messenger 6.x, Microsoft Windows Media Player 9.x, Microsoft Windows Messenger 5.x
CVE reference: CVE-2004-0597, CVE-2004-1244
Description: Two vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.
1) Microsoft has acknowledged a vulnerability in Windows Messenger and MSN Messenger when processing PNG image files. This can be exploited to execute arbitrary code on a user's system via a specially crafted PNG image file.
For more information:
SA12219
2) A variant of the first vulnerability exists in Windows Media Player when processing PNG image files containing extremely large width and height values. This can be exploited to execute arbitrary code on a user's system via a specially crafted PNG image when the user e.g. visits a malicious web site.
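As an added example (not part of the advisory and not vendor code), the following pre-parse check reads a PNG's IHDR chunk and rejects files that declare oversized width or height before any decoder processes them. The function names and the policy limits are assumptions chosen for illustration; the test inputs are constructed.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
PNG_MAX_DIM = 2**31 - 1          # upper bound allowed by the PNG specification
POLICY_MAX_DIM = 16384           # assumed local policy limit per side
POLICY_MAX_PIXELS = 64_000_000   # assumed local policy limit on width * height


def check_png_header(data: bytes) -> str:
    """Return "ok" or a short rejection reason for the PNG in `data`."""
    if data[:8] != PNG_SIGNATURE:
        return "not a PNG"
    if len(data) < 33:  # signature (8) + length (4) + type (4) + IHDR (13) + CRC (4)
        return "truncated IHDR"
    length, ctype = struct.unpack(">I4s", data[8:16])
    if ctype != b"IHDR" or length != 13:
        return "first chunk is not a 13-byte IHDR"
    (crc,) = struct.unpack(">I", data[29:33])
    if zlib.crc32(data[12:29]) != crc:  # CRC covers chunk type + chunk data
        return "IHDR CRC mismatch"
    width, height = struct.unpack(">II", data[16:24])
    if width == 0 or height == 0:
        return "zero dimension"
    if width > PNG_MAX_DIM or height > PNG_MAX_DIM:
        return "dimension outside PNG range"
    if width > POLICY_MAX_DIM or height > POLICY_MAX_DIM:
        return "dimension exceeds policy limit"
    if width * height > POLICY_MAX_PIXELS:
        return "pixel count exceeds policy limit"
    return "ok"


def make_header(width: int, height: int) -> bytes:
    """Build a constructed PNG signature + IHDR (8-bit RGBA) for testing."""
    body = b"IHDR" + struct.pack(">IIBBBBB", width, height, 8, 6, 0, 0, 0)
    return PNG_SIGNATURE + struct.pack(">I", 13) + body + struct.pack(">I", zlib.crc32(body))


if __name__ == "__main__":
    # Constructed samples: one ordinary image and three oversized declarations.
    for w, h in [(640, 480), (0x7FFFFFFF, 0x7FFFFFFF), (0xFFFFFFFF, 1), (10000, 10000)]:
        print(f"{w}x{h}: {check_png_header(make_header(w, h))}")
```

A check like this suits a mail or web gateway that screens images ahead of unpatched clients; it complements the vendor patches and does not replace them.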
Solution: Apply patches.
Windows Media Player 9 Series (running on Windows 2000, Windows XP SP1, or Windows Server 2003):
http://www.microsoft.com/downloads/de...=A52279DC-3B6C-4720-8192-45657EDBB14F
Windows Messenger 5.0 (standalone version):
http://www.microsoft.com/downloads/de...=A8D9EB73-5F8C-4B9A-940F-9157A3B3D774
Microsoft MSN Messenger 6.1:
http://www.microsoft.com/downloads/de...=EBE898D8-FE1C-4A5E-993C-5FAB3E62C925
Microsoft MSN Messenger 6.2:
http://www.microsoft.com/downloads/de...=EBE898D8-FE1C-4A5E-993C-5FAB3E62C925
Windows Messenger 4.7.0.2009 (running on Windows XP SP1):
http://www.microsoft.com/downloads/de...=E3DC209B-AD57-49E1-BB90-6FA2CA8763A6
Windows Messenger 4.7.0.3000 (running on Windows XP SP2):
http://www.microsoft.com/downloads/de...=1DCC9628-E2D0-496F-B4F2-3AFEFA0A0156
Windows 98, Windows 98 SE, and Windows ME:
An update is available via Windows Update.
Windows XP Embedded SP2:
http://www.microsoft.com/downloads/de...=e7b6d199-7607-44a8-96fd-5a2386427bd9
Provided and/or discovered by: 1) Juliano Rizzo of Core Security Technologies reported the vulnerability in MSN Messenger.
2) Reported by vendor.
Changelog: 2005-02-09: Added link to US-CERT vulnerability note.
2005-11-21: Added patch information for Windows XP Embedded.
Original Advisory: MS05-009 (KB890261):
http://www.microsoft.com/technet/security/bulletin/ms05-009.mspx
Core Security Technologies:
http://www.coresecurity.com/common/showdoc.php?idx=421&idxseccion=10
Other References: SA12219:
http://secunia.com/advisories/12219/
US-CERT VU#259890:
http://www.kb.cert.org/vuls/id/259890
About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.