Bloodhound.Exploit.24

Risk Level 1: Very Low

Printer Friendly Page

Discovered: February 6, 2005

Updated: February 13, 2007 12:33:11 PM

Type: Trojan Horse, Worm

Systems Affected: Windows 2000, Windows 98, Windows Me, Windows Server 2003, Windows XP

CVE References: CAN-2004-0599 CAN-2004-0597 CAN-2004-1244 CAN-2005-1211

Bloodhound.Exploit.24 is a heuristic detection for malformed Portable Network Graphics (PNG) files attempting to exploit one of the several buffer overflows in libPNG (which is described in Microsoft Security Bulletin MS05-009 and Microsoft Security Bulletin MS05-025).

This applies to applications that render and display PNG images, such as Microsoft Windows Messenger, Microsoft MSN Messenger, and Windows Media Player 9 (except under Windows XP SP2). Microsoft Internet Explorer is not impacted.

Protection

Initial Rapid Release version February 6, 2005
Latest Rapid Release version February 6, 2005
Initial Daily Certified version October 31, 2007 revision 003
Latest Daily Certified version June 17, 2008 revision 017
Initial Weekly Certified release date February 9, 2005

Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment

Wild

Wild Level: Low
Number of Infections: 0 - 49
Number of Sites: 0 - 2
Geographical Distribution: Low
Threat Containment: Easy
Removal: Easy

Damage

Damage Level: Low

Distribution

Distribution Level: Low

Technical Details

Search Threats

Search by name

_{Example: W32.Beagle.AG@mm}