Search for vulnerabilities
Vulnerability ID | VCID-9xc2-fhm4-aaaq |
Aliases |
CVE-2004-0990
|
Summary | Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941. |
Status | Published |
Exploitability | 2.0 |
Weighted Severity | 9.0 |
Risk | 10.0 |
Affected and Fixed Packages | Package Details |
There are no known CWE. |
Data source | Exploit-DB |
---|---|
Date added | Oct. 25, 2004 |
Description | GD Graphics Library - Local Heap Overflow |
Ransomware campaign use | Known |
Source publication date | Oct. 26, 2004 |
Exploit type | local |
Platform | linux |
Source update date | April 12, 2016 |
Exploitability (E) | Access Vector (AV) | Access Complexity (AC) | Authentication (Au) | Confidentiality Impact (C) | Integrity Impact (I) | Availability Impact (A) |
---|---|---|---|---|---|---|
high functional unproven proof_of_concept not_defined |
local adjacent_network network |
high medium low |
multiple single none |
none partial complete |
none partial complete |
none partial complete |
Percentile | 0.96574 |
EPSS Score | 0.21652 |
Published At | Nov. 1, 2024, midnight |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
There are no relevant records. |