MSN: Invalid PNG Height

This signature detects invalid PNG (Portable Network Graphics) files sent through MSN Messenger. PNG images are typically used for emoticons such as smileys ( :-) ). A malicious user can send an invalid PNG file to a vulnerable chat client to cause a buffer overflow, enabling the attacker to remotely execute arbitrary code.

Extended Description

A remote buffer overflow vulnerability affects the Portable Network Graphics (PNG) image format processing functionality of Microsoft Windows Media Player. This issue is due to a failure of the application to properly validate the size of image data prior to copying it into static process buffers. An attacker may exploit this issue to execute arbitrary code with the privileges of the SYSTEM user. This will facilitate unauthorized access and privilege escalation.

Affected Products

Nortel_networks symposium_call_center_server_(sccs)

References

BugTraq: 12485

CVE: CVE-2004-1244

Short Name: CHAT:MSN:INVALID:PNG-HEIGHT

Severity: Minor

Recommended: False

Recommended Action: None

Category: CHAT

Keywords: CVE-2004-1244 Height Invalid PNG bid:12485

Release Date: 02/08/2005

Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version: 3339

False Positive: Unknown

Vendors

Nortel_networks

Microsoft

CVSS Score

7.5
