Vulnerability Name: CVE-2004-0941 (CCN-18048)
Assigned: 2004-11-10
Published: 2004-11-10
Updated: 2018-05-03
Summary: Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
CVSS v3 Severity: 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MITRE Type: CNA CVE-2004-0941
Source: CCN Type: RHSA-2004-638 gd security update
Source: CCN Type: RHSA-2006-0194 gd security update
Source: CCN Type: SA13179 GD Graphics Library Unspecified Buffer Overflow Vulnerabilities
Source: SECUNIA Type: UNKNOWN 13179
Source: SECUNIA Type: UNKNOWN 18686
Source: SECUNIA Type: UNKNOWN 20824
Source: SECUNIA Type: UNKNOWN 21050
Source: CCN Type: Boutell Web site GD Graphics Library
Source: CCN Type: CIAC Information Bulletin P-071 Updated "gd" Packages
Source: CIAC Type: UNKNOWN P-071
Source: DEBIAN Type: UNKNOWN DSA-601
Source: DEBIAN Type: DSA-601 libgd -- integer overflow
Source: DEBIAN Type: DSA-602 libgd2 -- integer overflow
Source: CCN Type: Fedora Update Notification FEDORA-2004-411 A graphics library for quick creation of PNG or JPEG images.
Source: CCN Type: Fedora Update Notification FEDORA-2004-412 A graphics library for quick creation of PNG or JPEG images.
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:113
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:114
Source: MANDRIVA Type: UNKNOWN MDKSA-2006:122
Source: REDHAT Type: UNKNOWN RHSA-2004:638
Source: REDHAT Type: UNKNOWN RHSA-2006:0194
Source: BID Type: Patch, Vendor Advisory 11663
Source: CCN Type: BID-11663 GD Graphics Library Multiple Unspecified Remote Buffer overflow Vulnerabilities
Source: CCN Type: Trustix Secure Linux Security Advisory #2004-0058 Various security fixes
Source: TRUSTIX Type: Patch, Vendor Advisory 2004-0058
Source: CCN Type: TLSA-2007-16 libwmf buffer over flow
Source: CCN Type: USN-25-1 libgd2 vulnerability
Source: CCN Type: USN-33-1 libgd vulnerabilities
Source: XF Type: UNKNOWN gd-graphics-gdmalloc-bo(18048)
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:11176
Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1195
Source: UBUNTU Type: UNKNOWN USN-25-1
Source: UBUNTU Type: UNKNOWN USN-33-1
Vulnerable Configuration: Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Denotes that component is vulnerable