CVE-2004-0941
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.217 Low
EPSS
Percentile
96.5%
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
Affected configurations
References
secunia.com/advisories/13179/
secunia.com/advisories/18686
secunia.com/advisories/20824
secunia.com/advisories/21050
www.ciac.org/ciac/bulletins/p-071.shtml
www.debian.org/security/2004/dsa-601
www.mandriva.com/security/advisories?name=MDKSA-2006:113
www.mandriva.com/security/advisories?name=MDKSA-2006:114
www.mandriva.com/security/advisories?name=MDKSA-2006:122
www.redhat.com/support/errata/RHSA-2004-638.html
www.redhat.com/support/errata/RHSA-2006-0194.html
www.securityfocus.com/bid/11663
www.trustix.org/errata/2004/0058
exchange.xforce.ibmcloud.com/vulnerabilities/18048
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11176
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1195
www.ubuntu.com/usn/usn-25-1/
www.ubuntu.com/usn/usn-33-1/
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.217 Low
EPSS
Percentile
96.5%