CVE-2004-0990 : Detail

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 600

Publication date : 2004-10-25 22h00 +00:00
Author : anonymous
EDB Verified : Yes

Products Mentioned

Configuraton 0

Gd_graphics_library>>Gdlib >> Version 1.8.4

Gd_graphics_library>>Gdlib >> Version 2.0.1

Gd_graphics_library>>Gdlib >> Version 2.0.15

Gd_graphics_library>>Gdlib >> Version 2.0.20

Gd_graphics_library>>Gdlib >> Version 2.0.21

Gd_graphics_library>>Gdlib >> Version 2.0.22

Gd_graphics_library>>Gdlib >> Version 2.0.23

Gd_graphics_library>>Gdlib >> Version 2.0.26

Gd_graphics_library>>Gdlib >> Version 2.0.27

Gd_graphics_library>>Gdlib >> Version 2.0.28

Openpkg>>Openpkg >> Version 2.1

Openpkg>>Openpkg >> Version 2.2

Openpkg>>Openpkg >> Version current

Configuraton 0

Gentoo>>Linux >> Version *

Suse>>Suse_linux >> Version 8.0

Suse>>Suse_linux >> Version 8.1

Suse>>Suse_linux >> Version 8.2

Suse>>Suse_linux >> Version 9.0

Suse>>Suse_linux >> Version 9.0

Suse>>Suse_linux >> Version 9.1

Suse>>Suse_linux >> Version 9.2

Trustix>>Secure_linux >> Version 1.5

Trustix>>Secure_linux >> Version 2.0

Trustix>>Secure_linux >> Version 2.1

Trustix>>Secure_linux >> Version 2.2

References