| Vulnerability Name: | CVE-2004-1095 (CCN-17871) | ||||||||
| Assigned: | 2004-10-25 | ||||||||
| Published: | 2004-10-25 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. Note: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct. | ||||||||
| CVSS v3 Severity: | 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Mon Oct 25 2004 - 20:07:17 CDT zgv image viewing heap overflows Source: CCN Type: BugTraq Mailing List, Oct 27 2004 - 22:39:07 CDT Re: zgv image viewing heap overflows Source: MITRE Type: CNA CVE-2004-1095 Source: BUGTRAQ Type: UNKNOWN 20041026 zgv image viewing heap overflows Source: BUGTRAQ Type: UNKNOWN 20041028 Re: zgv image viewing heap overflows Source: DEBIAN Type: DSA-608 zgv -- integer overflows Source: CCN Type: GLSA-200411-12 zgv: Multiple buffer overflows Source: GENTOO Type: UNKNOWN GLSA-200411-12 Source: CCN Type: OSVDB ID: 11205 zgv BMP Image Processing Overflow Source: CCN Type: OSVDB ID: 11206 zgv GIF Image Processing Overflow Source: CCN Type: OSVDB ID: 11207 zgv MRF Image Processing Overflow Source: CCN Type: OSVDB ID: 11208 zgv PCX Image Processing Overflow Source: CCN Type: OSVDB ID: 11209 zgv PNG Image Processing Overflow Source: CCN Type: OSVDB ID: 11210 zgv PNM Image Processing Overflow Source: CCN Type: OSVDB ID: 11211 zgv PRF Image Processing Overflow Source: CCN Type: OSVDB ID: 11212 zgv TIFF Image Processing Overflow Source: CCN Type: OSVDB ID: 11213 zgv XPM Image Processing Overflow Source: CCN Type: OSVDB ID: 11235 zgv PCD Image Processing Overflow Source: CCN Type: OSVDB ID: 11396 xzgv GIF Image Processing Overflow Source: CCN Type: OSVDB ID: 11397 xzgv MRF Image Processing Overflow Source: CCN Type: OSVDB ID: 11398 xzgv JPEG Image Processing Overflow Source: CCN Type: OSVDB ID: 11399 xzgv PRF Image Processing Overflow Source: CCN Type: OSVDB ID: 11400 xzgv TIFF Image Processing Overflow Source: BID Type: Patch, Vendor Advisory 11556 Source: CCN Type: BID-11556 ZGV And XZGV Image Viewer Multiple Remote Integer Overflow Vulnerabilities Source: CCN Type: zgv Web page zgv - svgalib picture viewer with thumbnail-based file selector Source: CONFIRM Type: UNKNOWN http://www.svgalib.org/rus/zgv/ Source: CONFIRM Type: UNKNOWN http://www.svgalib.org/rus/zgv/zgv-5.8-integer-overflow-fix.diff Source: XF Type: UNKNOWN zgv-image-header-bo(17871) Source: XF Type: UNKNOWN zgv-image-header-bo(17871) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration 2:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||