10
CVE-2004-0994
- EPSS 5.15%
- Veröffentlicht 10.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:06:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zgv ≫ Xzgv Image Viewer Version0.6
Zgv ≫ Xzgv Image Viewer Version0.7
Zgv ≫ Xzgv Image Viewer Version0.8
Zgv ≫ Zgv Image Viewer Version5.5
Zgv ≫ Zgv Image Viewer Version5.6
Zgv ≫ Zgv Image Viewer Version5.7
Zgv ≫ Zgv Image Viewer Version5.8
Debian ≫ Debian Linux Version3.0 Editionalpha
Debian ≫ Debian Linux Version3.0 Editionarm
Debian ≫ Debian Linux Version3.0 Editionhppa
Debian ≫ Debian Linux Version3.0 Editionia-32
Debian ≫ Debian Linux Version3.0 Editionia-64
Debian ≫ Debian Linux Version3.0 Editionm68k
Debian ≫ Debian Linux Version3.0 Editionmips
Debian ≫ Debian Linux Version3.0 Editionmipsel
Debian ≫ Debian Linux Version3.0 Editionppc
Debian ≫ Debian Linux Version3.0 Editions-390
Debian ≫ Debian Linux Version3.0 Editionsparc
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.15% | 0.913 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://marc.info/?l=bugtraq&m=110297198402077&w=2
http://rus.members.beeb.net/xzgv-0.8-integer-overflow-fix.diff
http://www.debian.org/security/2004/dsa-614
https://exchange.xforce.ibmcloud.com/vulnerabilities/18454