CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Date published : 2004-05-05
http://lists.apple.com/mhonarc/security-announce/msg00056.html