CVE-2004-0990

Published: 01/03/2005 Updated: 11/10/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

Vulnerable Product

gd graphics library gdlib 1.8.4

gd graphics library gdlib 2.0.26

gd graphics library gdlib 2.0.27

gd graphics library gdlib 2.0.28

gd graphics library gdlib 2.0.1

gd graphics library gdlib 2.0.15

openpkg openpkg 2.1

openpkg openpkg 2.2

gd graphics library gdlib 2.0.20

gd graphics library gdlib 2.0.21

openpkg openpkg current

gd graphics library gdlib 2.0.22

gd graphics library gdlib 2.0.23

suse suse linux 8.1

suse suse linux 8.2

trustix secure linux 2.1

trustix secure linux 2.2

suse suse linux 9.0

suse suse linux 9.1

suse suse linux 9.2

gentoo linux

suse suse linux 8.0

trustix secure linux 1.5

trustix secure linux 2.0

Vendor Advisories

Synopsis: gd security update. Type/Severity: Security Advisory: Important. Topic: Updated gd packages that fix security issues with overflow in various memory allocation calls are now available. [Updated 24 May 2005] Multilib packages have been added to this advisory. Description: The gd packages con ...
Several buffer overflows have been discovered in libgd’s PNG handling functions ...
"infamous41md" discovered several integer overflows in the PNG image decoding routines of the GD graphics library. This could lead to the execution of arbitrary code on the victim's machine. For the stable distribution (woody) these problems have been fixed in version 184-17woody3 of libgd1 and in version 201-10woody1 of libgd2. For the unstab ...
More potential integer overflows have been found in the GD graphics library which weren't covered by our security advisory DSA 591. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine. For the stable distribution (woody) these problems have been fixed in version 201-10wo ...
More potential integer overflows have been found in the GD graphics library which weren't covered by our security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine. For the stable distribution (woody) these problems have been fixed in version 184-17w ...

Exploits

#include <stdio.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdint.h>
#include <zlib.h>
#define OUTFILE "britnay_spares_pr0npng"
#define BS 0x1000
#define ALIGN 0
#define die(x) do{ perror((x)); exi ...