ID CVE-2004-0941
Summary Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
References
Vulnerable Configurations
  • cpe:2.3:a:gd_graphics_library:gdlib:1.8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.33:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:trustix:secure_linux:2.2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 03-05-2018 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: COMPLETE
  • Integrity: COMPLETE
  • Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2013-04-29T04:12:04.751-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    • comment The operating system installed on the system is Red Hat Enterprise Linux 4
      oval oval:org.mitre.oval:def:11831
    • comment CentOS Linux 4.x
      oval oval:org.mitre.oval:def:16636
    • comment Oracle Linux 4.x
      oval oval:org.mitre.oval:def:15990
    description Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
    family unix
    id oval:org.mitre.oval:def:11176
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
    version 29
  • accepted 2005-08-18T07:37:00.000-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    description Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.
    family unix
    id oval:org.mitre.oval:def:1195
    status accepted
    submitted 2005-06-27T12:00:00.000-04:00
    title Multiple Buffer Overflows in libgd
    version 2
redhat via4
advisories
  • bugzilla
    id 175413
    title CVE-2004-0941 gd: additional overflows
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 4 is installed
        oval oval:com.redhat.rhba:tst:20070304025
      • OR
        • AND
          • comment gd is earlier than 0:2.0.28-4.4E.1
            oval oval:com.redhat.rhsa:tst:20060194001
          • comment gd is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060194002
        • AND
          • comment gd-devel is earlier than 0:2.0.28-4.4E.1
            oval oval:com.redhat.rhsa:tst:20060194003
          • comment gd-devel is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060194004
        • AND
          • comment gd-progs is earlier than 0:2.0.28-4.4E.1
            oval oval:com.redhat.rhsa:tst:20060194005
          • comment gd-progs is signed with Red Hat master key
            oval oval:com.redhat.rhsa:tst:20060194006
    rhsa
    id RHSA-2006:0194
    released 2006-02-01
    severity Moderate
    title RHSA-2006:0194: gd security update (Moderate)
  • rhsa
    id RHSA-2004:638
rpms
  • gd-0:1.8.4-12.3.1
  • gd-debuginfo-0:1.8.4-12.3.1
  • gd-devel-0:1.8.4-12.3.1
  • gd-progs-0:1.8.4-12.3.1
  • gd-0:2.0.28-4.4E.1
  • gd-debuginfo-0:2.0.28-4.4E.1
  • gd-devel-0:2.0.28-4.4E.1
  • gd-progs-0:2.0.28-4.4E.1
refmap via4
bid 11663
ciac P-071
debian DSA-601
fedora FEDORA-2004-411
mandriva
  • MDKSA-2006:113
  • MDKSA-2006:114
  • MDKSA-2006:122
secunia
  • 13179
  • 18686
  • 20824
  • 21050
trustix 2004-0058
ubuntu
  • USN-25-1
  • USN-33-1
xf gd-graphics-gdmalloc-bo(18048)
statements via4
contributor Mark J Cox
lastmodified 2007-03-14
organization Red Hat
statement Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
Last major update 03-05-2018 - 01:29
Published 09-02-2005 - 05:00
Last modified 03-05-2018 - 01:29