Back to search
CVE-2002-1185
Published: Sep 1, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service (crash) by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File Failure."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MS02-066
vendor-advisory
x_refsource_MS
6216
vdb-entry
x_refsource_BID
AD20021211
third-party-advisory
x_refsource_EEYE
20021212 PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
mailing-list
x_refsource_BUGTRAQ
oval:org.mitre.oval:def:542
vdb-entry
signature
x_refsource_OVAL
ie-png-bo(10662)
vdb-entry
x_refsource_XF
20021211 PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
mailing-list
x_refsource_VULNWATCH
oval:org.mitre.oval:def:393
vdb-entry
signature
x_refsource_OVAL
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now