Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2004-1095

Published: 10/01/2005 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Zgv

Vulnerability Summary

Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote malicious users to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

Vulnerable Product Search on Vulmon Subscribe to Product

zgv xzgv image viewer 0.8

zgv zgv image viewer 5.5

zgv zgv image viewer 5.6

zgv zgv image viewer 5.7

zgv xzgv image viewer 0.6

zgv xzgv image viewer 0.7

zgv zgv image viewer 5.8

debian debian linux 3.0

Vendor Advisories

Debian Security Advisories: DSA-608-1 zgv -- integer overflows, unsanitised input
Several vulnerabilities have been discovered in zgv, an SVGAlib graphics viewer for the i386 architecture The Common Vulnerabilities and Exposures Project identifies the following problems: CAN-2004-1095 "infamous41md" discovered multiple integer overflows in zgv Remote exploitation of an integer overflow vulnerability could allow th ...

Exploits

Exploit DB: zgv 5.5 - Multiple Arbitrary Code Executions
Download: githubcom/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/609targz (ximage_zgvtargz) # milw0rmcom [2004-10-28] ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/11556http://www.gentoo.org/security/en/glsa/glsa-200411-12.xmlhttp://www.svgalib.org/rus/zgv/http://www.svgalib.org/rus/zgv/zgv-5.8-integer-overflow-fix.diffhttp://marc.info/?l=bugtraq&m=109886210702781&w=2http://marc.info/?l=bugtraq&m=109898111915661&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/17871https://nvd.nist.govhttps://www.debian.org/security/./dsa-608https://www.exploit-db.com/exploits/609/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2024-34413CVE-2024-34089CVE-2024-33408localSQLCVE-2024-0402CVE-2024-33910CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook