Vulnerability in PNG Processing Could Allow Remote Code Execution

Reported February 8, 2005 by Microsoft

VERSIONS AFFECTED


  • Windows Media Player 9

  • Windows Messenger 5.0, 6.1, and 6.2

DESCRIPTION

Vulnerabilities exist because of the way the affected software handles PNG files. A remote intruder could use malicious Web content that contains corrupt or malformed PNG files to execute codeon the affected system. A successful exploit could allow the intruder to take complete control of the system.

VENDOR RESPONSE

Microsoft has released Security Bulletin MS05-009, "Vulnerability in PNG Processing Could Allow Remote Code Execution (890261)," and a patch to correct the problem.

CREDIT
Carlos Sarraute of Core Security Technologies


TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish