CVE-2004-0990 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2004-0990
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2004-0990

Description: Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/17866 UBUNTU http://marc.theaimsgroup.com/?l=bugtraq&m=110055781015402&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=109907605501428&w=2 TRUSTIX http://www.trustix.org/errata/2004/0058 SUSE http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html SAID Secunia Advisory: SA18717 Secunia Advisory: SA20866 Secunia Advisory: SA20824 Secunia Advisory: SA21050 Secunia Advisory: SA23783 REDHAT http://www.redhat.com/support/errata/RHSA-2004-638.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1260 OSVDB 11190 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:122 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:113 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:114 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:132 DEBIAN http://www.debian.org/security/2004/dsa-602 http://www.debian.org/security/2004/dsa-601 http://www.debian.org/security/2004/dsa-591 http://www.debian.org/security/2004/dsa-589 CONFIRM CIAC http://www.ciac.org/ciac/bulletins/p-071.shtml BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=109882489302099&w=2 BID 11523

Return to the previous page.