CVE-2005-2096

zlib DoS

  • Severity Score (CVSS v2): 7.5
  • Exploit Likelihood (EPSS):
  • Affected Versions (CPE):
  • Public Exploits (Multiple Sources): 0
  • Exploited in Wild (KEV): -
  • Decision (SSVC): -

Descriptions

zlib 1.2 and later versions allow remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

*Credits: N/A
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2005-06-30 CVE Reserved
  • 2005-07-06 CVE Published
  • 2024-06-12 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (58)
URL Tag Source
http://secunia.com/advisories/17054 Third Party Advisory
http://secunia.com/advisories/17225 Third Party Advisory
http://secunia.com/advisories/17236 Third Party Advisory
http://secunia.com/advisories/17326 Third Party Advisory
http://secunia.com/advisories/17516 Third Party Advisory
http://secunia.com/advisories/18377 Third Party Advisory
http://secunia.com/advisories/18406 Third Party Advisory
http://secunia.com/advisories/18507 Third Party Advisory
http://secunia.com/advisories/19550 Third Party Advisory
http://secunia.com/advisories/19597 Third Party Advisory
http://secunia.com/advisories/24788 Third Party Advisory
http://secunia.com/advisories/31492 Third Party Advisory
http://secunia.com/advisories/32706 Third Party Advisory
http://support.apple.com/kb/HT3298 X_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm X_refsource_confirm
http://www.kb.cert.org/vuls/id/680620 Third Party Advisory
http://www.securityfocus.com/archive/1/464745/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482503/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482505/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482571/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482601/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482949/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/482950/100/0/threaded Mailing List
http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html X_refsource_confirm
http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html X_refsource_confirm
http://www.vupen.com/english/advisories/2005/0978 Vdb Entry
http://www.vupen.com/english/advisories/2006/0144 Vdb Entry
http://www.vupen.com/english/advisories/2007/1267 Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 Vdb Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262 Signature
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542 Signature
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Zlib Zlib 1.2.0 - Affected
Zlib Zlib 1.2.1 - Affected
Zlib Zlib 1.2.2 - Affected