CVE-2004-0990

Current Description

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

Referenced by CVEs:CVE-2004-0941

Basic Data

PublishedMarch 01, 2005
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegetrue
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationGd Graphics LibraryGdlib1.8.4*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.1*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.15*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.20*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.21*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.22*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.23*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.26*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.27*******
    2.3ApplicationGd Graphics LibraryGdlib2.0.28*******
    2.3ApplicationOpenpkgOpenpkg2.1*******
    2.3ApplicationOpenpkgOpenpkg2.2*******
    2.3ApplicationOpenpkgOpenpkgcurrent*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSGentooLinux********
    2.3OSSuseSuse Linux8.0*******
    2.3OSSuseSuse Linux8.1*******
    2.3OSSuseSuse Linux8.2*******
    2.3OSSuseSuse Linux9.0*******
    2.3OSSuseSuse Linux9.0*x86_64*****
    2.3OSSuseSuse Linux9.1*******
    2.3OSSuseSuse Linux9.2*******
    2.3OSTrustixSecure Linux1.5*******
    2.3OSTrustixSecure Linux2.0*******
    2.3OSTrustixSecure Linux2.1*******
    2.3OSTrustixSecure Linux2.2*******

Vulnerable Software List

VendorProductVersions
Openpkg Openpkg 2.1, 2.2, current
Gd Graphics Library Gdlib 1.8.4, 2.0.1, 2.0.15, 2.0.20, 2.0.21, 2.0.22, 2.0.23, 2.0.26, 2.0.27, 2.0.28
Trustix Secure Linux 1.5, 2.0, 2.1, 2.2
Suse Suse Linux 8.0, 8.1, 8.2, 9.0, 9.1, 9.2
Gentoo Linux *

References

NameSourceURLTags
SUSE-SR:2006:003http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.htmlSUSE
20041026 libgd integer overflowhttp://marc.info/?l=bugtraq&m=109882489302099&w=2BUGTRAQ
18717http://secunia.com/advisories/18717SECUNIA
20824http://secunia.com/advisories/20824SECUNIA
20866http://secunia.com/advisories/20866SECUNIA
21050http://secunia.com/advisories/21050SECUNIA
23783http://secunia.com/advisories/23783SECUNIA
P-071http://www.ciac.org/ciac/bulletins/p-071.shtmlCIAC
DSA-589http://www.debian.org/security/2004/dsa-589DEBIAN
DSA-591http://www.debian.org/security/2004/dsa-591DEBIAN
DSA-601http://www.debian.org/security/2004/dsa-601DEBIAN
DSA-602http://www.debian.org/security/2004/dsa-602DEBIAN
MDKSA-2004:132http://www.mandriva.com/security/advisories?name=MDKSA-2004:132MANDRAKE
MDKSA-2006:113http://www.mandriva.com/security/advisories?name=MDKSA-2006:113MANDRIVA
MDKSA-2006:114http://www.mandriva.com/security/advisories?name=MDKSA-2006:114MANDRIVA
MDKSA-2006:122http://www.mandriva.com/security/advisories?name=MDKSA-2006:122MANDRIVA
11190http://www.osvdb.org/11190OSVDB
RHSA-2004:638http://www.redhat.com/support/errata/RHSA-2004-638.htmlREDHAT
11523http://www.securityfocus.com/bid/11523BIDPatch Vendor Advisory
2004-0058http://www.trustix.org/errata/2004/0058TRUSTIX
gd-png-bo(17866)https://exchange.xforce.ibmcloud.com/vulnerabilities/17866XF
https://issues.rpath.com/browse/RPL-939https://issues.rpath.com/browse/RPL-939CONFIRM
oval:org.mitre.oval:def:1260https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1260OVAL
oval:org.mitre.oval:def:9952https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9952OVAL
USN-11-1https://www.ubuntu.com/usn/usn-11-1/UBUNTU
USN-25-1https://www.ubuntu.com/usn/usn-25-1/UBUNTU