Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0941

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0941
Last Modified 21 Aug 2010 12:21:31
Published 09 Feb 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0941

Summary

Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.

Vulnerable Systems

Operating System

  • Trustix Secure Linux 1.5

  • Trustix Secure Linux 2.0

  • Trustix Secure Linux 2.1

  • Trustix Secure Linux 2.2

Application

  • Gd Graphics Library Gdlib 1.8.4

  • Gd Graphics Library Gdlib 2.0.1

  • Gd Graphics Library Gdlib 2.0.20

  • Gd Graphics Library Gdlib 2.0.21

  • Gd Graphics Library Gdlib 2.0.22

  • Gd Graphics Library Gdlib 2.0.23

  • Gd Graphics Library Gdlib 2.0.26

  • Gd Graphics Library Gdlib 2.0.27

  • Gd Graphics Library Gdlib 2.0.28

  • Gd Graphics Library Gdlib 2.0.33


References

TRUSTIX - 2004-0058

BID - 11663

SECUNIA - 13179

UBUNTU - USN-25-1

XF - gd-graphics-gdmalloc-bo(18048)

UBUNTU - USN-33-1

REDHAT - RHSA-2006:0194

REDHAT - RHSA-2004:638

MANDRIVA - MDKSA-2006:122

MANDRIVA - MDKSA-2006:114

MANDRIVA - MDKSA-2006:113

DEBIAN - DSA-601

CIAC - P-071

SECUNIA - 21050

SECUNIA - 20824

SECUNIA - 18686


Last Updated: 27 May 2016 10:38:49