cbcvebase.
CVE-2004-0941
published 2005-02-09

CVE-2004-0941: Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files…

PriorityP339critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
10.69%
95.3th percentile
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.

Affected

26 ranges· showing 25
VendorProductVersion rangeFixed in
debianlibgd2< libgd2 2.0.30-1 (bookworm)libgd2 2.0.30-1 (bookworm)
debianlibgd2< libgd2 2.0.33-1.1 (bookworm)libgd2 2.0.33-1.1 (bookworm)
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
gd_graphics_librarygdlib
openpkgopenpkg
openpkgopenpkg
openpkgopenpkg
susesuse_linux
susesuse_linux
susesuse_linux
susesuse_linux
susesuse_linux
susesuse_linux
trustixsecure_linux
trustixsecure_linux
trustixsecure_linux

CVSS provenance

nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL
vendor_debian10.0CRITICAL
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.