Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2004-0994

Опубликовано: 10 янв. 2005
Источник: nvd
CVSS2: 10
EPSS Низкий

Описание

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:zgv:xzgv_image_viewer:0.6:*:*:*:*:*:*:*
cpe:2.3:a:zgv:xzgv_image_viewer:0.7:*:*:*:*:*:*:*
cpe:2.3:a:zgv:xzgv_image_viewer:0.8:*:*:*:*:*:*:*
cpe:2.3:a:zgv:zgv_image_viewer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:zgv:zgv_image_viewer:5.6:*:*:*:*:*:*:*
cpe:2.3:a:zgv:zgv_image_viewer:5.7:*:*:*:*:*:*:*
cpe:2.3:a:zgv:zgv_image_viewer:5.8:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:3.0:*:alpha:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:arm:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:hppa:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-32:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ia-64:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:m68k:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mips:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:mipsel:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:ppc:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:s-390:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.0:*:sparc:*:*:*:*:*

EPSS

Процентиль: 90%
0.06038
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2004-0994

ubuntu
больше 20 лет назад

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

debian логотип

CVE-2004-0994

debian
больше 20 лет назад

Multiple integer overflows in xzgv 0.8 and earlier allow remote attack ...

github логотип

GHSA-74wh-7854-hjwj

github
около 3 лет назад

Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the read_prf_file function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.

EPSS

Процентиль: 90%
0.06038
Низкий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other