GEN:SID 1:3132
Message WEB-CLIENT PNG large image width download attempt
Summary This event is generated when an attempt is made to exploit a buffer overflow
associated with the processing of a Portable Network Graphics (PNG) file by
the GD Graphics Library.
Impact A successful attack may cause a denial of service or a buffer overflow and the
subsequent execution of arbitrary code on a vulnerable server.
Detailed Information A vulnerability exists in the way that software that handles PNG files,
libpng, allocates memory for PNG images. A maliciously formatted PNG
image sent to a vulnerable server may cause a buffer overflow and the
subsequent execution of arbitrary code on a vulnerable server.  A
PNG file with an excessively large image height, width, or depth, or
combination of these can cause a buffer overflow.
Affected Systems GD Graphics Library 2.0.28 and earlier
Attack Scenarios An attacker can create a malformed PNG file and upload it to a web server,
possibly causing a buffer overflow.
Ease of Attack Simple.
Corrective Action Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.
Additional References  
Rule References bugtraq: 11523
cve: 2004-0990
cve: 2004-1244
url: www.microsoft.com/technet/security/bulletin/MS05-009.mspx