CVE-2005-2096

 

Published at: - 06-07-2005 06:00

Last modified: - 22-06-2022 06:40

Total changes: - 3

Description

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:N/C:P/I:P/A:P

 

Verification logic

 

Reference

• DSA-740-Patch, Vendor Advisory
• RHSA-2005:569-Patch, Vendor Advisory
• GLSA-200507-05-Patch, Vendor Advisory
• 14162-Patch
• 1014398-Vendor Advisory
• 15949-Patch, Vendor Advisory
• APPLE-SA-2005-08-15-
• APPLE-SA-2005-08-17-Vendor Advisory
• FLSA:162680-Vendor Advisory
• GLSA-200509-18-Patch, Vendor Advisory
• DSA-797-Patch, Vendor Advisory
• https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391
• FreeBSD-SA-05:16.zlib-
• 101989-Patch, Vendor Advisory
• VU#680620-Third Party Advisory, US Government Resource
• USN-151-3-
• SCOSA-2006.6-
• 18406-
• 18377-
• 17054-
• 17225-
• 17236-
• 17326-
• 17516-
• 19550-
• DSA-1026-
• http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
• 18507-
• 19597-
• http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
• http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
• 24788-
• MDKSA-2005:112-
• MDKSA-2005:196-
• MDKSA-2006:070-
• APPLE-SA-2008-11-13-
• http://support.apple.com/kb/HT3298
• RHSA-2008:0629-
• 31492-
• ADV-2007-1267-
• ADV-2006-0144-
• ADV-2005-0978-
• 32706-
• hpux-secure-shell-dos(24064)-
• oval:org.mitre.oval:def:1542-
• oval:org.mitre.oval:def:1262-
• oval:org.mitre.oval:def:11500-
• USN-148-1-
• 20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096)-
• 20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)-
• 20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)-
• 20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)-
• 20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096)-
• 20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)-
• 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates-
• HPSBUX02090-

 

Keywords

NVD

 

CVE-2005-2096

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures