CVE-2004-0941
gd: additional overflows
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-10-12 CVE Reserved
- 2004-11-19 CVE Published
- 2023-10-27 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/13179 | Third Party Advisory | |
| http://secunia.com/advisories/18686 | Third Party Advisory | |
| http://secunia.com/advisories/20824 | Third Party Advisory | |
| http://secunia.com/advisories/21050 | Third Party Advisory | |
| http://www.ciac.org/ciac/bulletins/p-071.shtml | Government Resource | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18048 | Vdb Entry | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11176 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1195 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/11663 | 2018-05-03 | |
| http://www.trustix.org/errata/2004/0058 | 2018-05-03 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2004/dsa-601 | 2018-05-03 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2006:113 | 2018-05-03 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2006:114 | 2018-05-03 | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2006:122 | 2018-05-03 | |
| http://www.redhat.com/support/errata/RHSA-2004-638.html | 2018-05-03 | |
| http://www.redhat.com/support/errata/RHSA-2006-0194.html | 2018-05-03 | |
| https://www.ubuntu.com/usn/usn-25-1 | 2018-05-03 | |
| https://www.ubuntu.com/usn/usn-33-1 | 2018-05-03 | |
| https://access.redhat.com/security/cve/CVE-2004-0941 | 2006-02-01 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=175413 | 2006-02-01 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 1.8.4 Search vendor "Gd Graphics Library" for product "Gdlib" and version "1.8.4" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.1 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.1" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.20 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.20" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.21 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.21" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.22 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.22" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.23 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.23" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.26 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.26" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.27 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.27" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.28 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.28" | - |
Affected
| ||||||
| Gd Graphics Library Search vendor "Gd Graphics Library" | Gdlib Search vendor "Gd Graphics Library" for product "Gdlib" | 2.0.33 Search vendor "Gd Graphics Library" for product "Gdlib" and version "2.0.33" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 1.5 Search vendor "Trustix" for product "Secure Linux" and version "1.5" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.0 Search vendor "Trustix" for product "Secure Linux" and version "2.0" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.1 Search vendor "Trustix" for product "Secure Linux" and version "2.1" | - |
Affected
| ||||||
| Trustix Search vendor "Trustix" | Secure Linux Search vendor "Trustix" for product "Secure Linux" | 2.2 Search vendor "Trustix" for product "Secure Linux" and version "2.2" | - |
Affected
| ||||||