7.5

CVE-2005-2096

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ZlibZlib Version1.2.0
ZlibZlib Version1.2.1
ZlibZlib Version1.2.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.48% 0.917
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
http://secunia.com/advisories/17054
http://secunia.com/advisories/18377
http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html
Vendor Advisory
http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
http://secunia.com/advisories/24788
http://www.securityfocus.com/archive/1/464745/100/0/threaded
http://www.vupen.com/english/advisories/2007/1267
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc
http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
http://secunia.com/advisories/15949
Patch
Vendor Advisory
http://secunia.com/advisories/17225
http://secunia.com/advisories/17236
http://secunia.com/advisories/17326
http://secunia.com/advisories/17516
http://secunia.com/advisories/18406
http://secunia.com/advisories/18507
http://secunia.com/advisories/19550
http://secunia.com/advisories/19597
http://secunia.com/advisories/31492
http://secunia.com/advisories/32706
http://security.gentoo.org/glsa/glsa-200507-05.xml
Patch
Vendor Advisory
http://securitytracker.com/id?1014398
Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1
Patch
Vendor Advisory
http://support.apple.com/kb/HT3298
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
http://www.debian.org/security/2005/dsa-740
Patch
Vendor Advisory
http://www.debian.org/security/2005/dsa-797
Patch
Vendor Advisory
http://www.debian.org/security/2006/dsa-1026
http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/680620
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2005:112
http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
http://www.redhat.com/support/errata/RHSA-2005-569.html
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2008-0629.html
http://www.securityfocus.com/archive/1/421411/100/0/threaded
http://www.securityfocus.com/archive/1/482503/100/0/threaded
http://www.securityfocus.com/archive/1/482505/100/0/threaded
http://www.securityfocus.com/archive/1/482571/100/0/threaded
http://www.securityfocus.com/archive/1/482601/100/0/threaded
http://www.securityfocus.com/archive/1/482949/100/0/threaded
http://www.securityfocus.com/archive/1/482950/100/0/threaded
http://www.securityfocus.com/bid/14162
Patch
http://www.ubuntulinux.org/usn/usn-151-3
http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
http://www.vupen.com/english/advisories/2005/0978
http://www.vupen.com/english/advisories/2006/0144
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391
Vendor Advisory
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
https://usn.ubuntu.com/148-1/