QwikSec

Security Database

CVE

CWE

Training

CVE-2004-1095

Published: Dec 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Multiple integer overflows in (1) readbmp.c, (2) readgif.c, (3) readgif.c, (4) readmrf.c, (5) readpcx.c, (6) readpng.c,(7) readpnm.c, (8) readprf.c, (9) readtiff.c, (10) readxbm.c, (11) readxpm.c in zgv 5.8 allow remote attackers to execute arbitrary code via certain image headers that cause calculations to be overflowed and small buffers to be allocated, leading to buffer overflows. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

zgv-image-header-bo(17871)

vdb-entry

x_refsource_XF

http://www.svgalib.org/rus/zgv/

x_refsource_CONFIRM

http://www.svgalib.org/rus/zgv/zgv-5.8-integer-overflow-fix.diff

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

20041028 Re: zgv image viewing heap overflows

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

20041026 zgv image viewing heap overflows

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.