10

CVE-2004-0990

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gd Graphics LibraryGdlib Version1.8.4
Gd Graphics LibraryGdlib Version2.0.1
Gd Graphics LibraryGdlib Version2.0.15
Gd Graphics LibraryGdlib Version2.0.20
Gd Graphics LibraryGdlib Version2.0.21
Gd Graphics LibraryGdlib Version2.0.22
Gd Graphics LibraryGdlib Version2.0.23
Gd Graphics LibraryGdlib Version2.0.26
Gd Graphics LibraryGdlib Version2.0.27
Gd Graphics LibraryGdlib Version2.0.28
OpenpkgOpenpkg Version2.1
OpenpkgOpenpkg Version2.2
OpenpkgOpenpkg Versioncurrent
SuseSuse Linux Version8.0
SuseSuse Linux Version8.1
SuseSuse Linux Version8.2
SuseSuse Linux Version9.0
SuseSuse Linux Version9.0 Editionx86_64
SuseSuse Linux Version9.1
SuseSuse Linux Version9.2
TrustixSecure Linux Version1.5
TrustixSecure Linux Version2.0
TrustixSecure Linux Version2.1
TrustixSecure Linux Version2.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 28.26% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/20824
http://secunia.com/advisories/21050
http://www.ciac.org/ciac/bulletins/p-071.shtml
http://www.debian.org/security/2004/dsa-601
http://www.mandriva.com/security/advisories?name=MDKSA-2006:113
http://www.mandriva.com/security/advisories?name=MDKSA-2006:114
http://www.mandriva.com/security/advisories?name=MDKSA-2006:122
http://www.redhat.com/support/errata/RHSA-2004-638.html
http://www.trustix.org/errata/2004/0058
https://www.ubuntu.com/usn/usn-25-1/
http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
http://marc.info/?l=bugtraq&m=109882489302099&w=2
http://secunia.com/advisories/18717
http://secunia.com/advisories/20866
http://secunia.com/advisories/23783
http://www.debian.org/security/2004/dsa-589
http://www.debian.org/security/2004/dsa-591
http://www.debian.org/security/2004/dsa-602
http://www.mandriva.com/security/advisories?name=MDKSA-2004:132
http://www.osvdb.org/11190
http://www.securityfocus.com/bid/11523
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17866
https://issues.rpath.com/browse/RPL-939
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1260
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9952
https://www.ubuntu.com/usn/usn-11-1/