CVE-2004-0941

13 documents8 sources

Severity

10.0CRITICAL

EPSS

14.0%

top 5.65%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GD Graphics Library Gdlib Trustix Secure Linux

Timeline

PublishedFeb 9

Latest updateApr 29

Description

Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDgd_graphics_library/gdlib10 versions+9

▶Debianlibgd2< 2.0.33-1.1+3

▶NVDtrustix/secure_linux4 versions+3

Patches

Patch: www.securityfocus.com ↗Patch: www.trustix.org ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5jw2-pr8r-5fc7: Multiple buffer overflows in the gd graphics library (libgd) 2↗2022-04-29

▶

OSV

CVE-2004-0941: Multiple buffer overflows in the gd graphics library (libgd) 2↗2005-02-09

▶

CVEList

CVE-2004-0941: Multiple buffer overflows in the gd graphics library (libgd) 2↗2004-11-19

▶

📋Vendor Advisories

Ubuntu

libgd vulnerabilities↗2004-11-30

▶

Ubuntu

libgd2 vulnerability↗2004-11-16

▶

Red Hat

gd: additional overflows↗2004-11-10

▶

Red Hat

security flaw↗2004-10-26

▶

Debian

CVE-2004-0941: libgd2 - Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier ...↗2004

▶

💬Community

Bugzilla

CVE-2004-0990 security flaw↗2018-08-16

▶

Bugzilla

CVE-2004-0941 additional overflows in gd [FC5test2]↗2006-01-16

▶

Bugzilla

CVE-2004-0941 gd: additional overflows↗2005-12-09

▶

Bugzilla

CVE-2004-0941 additional overflows in gd↗2005-12-09

▶