Vulnerability-Lookup

CVE-2005-2096 (GCVE-0-2005-2096)

Vulnerability from cvelistv5 – Published: 2005-07-06 08:00 – Updated: 2024-08-07 22:15

Summary

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://sunsolve.sun.com/search/document.do?assetk…	vendor-advisoryx_refsource_SUNALERT
	http://www.debian.org/security/2006/dsa-1026	vendor-advisoryx_refsource_DEBIAN
	http://secunia.com/advisories/17236	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/482505/100…	mailing-listx_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories…	vendor-advisoryx_refsource_FREEBSD
	http://secunia.com/advisories/15949	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-797	vendor-advisoryx_refsource_DEBIAN
	http://www.gentoo.org/security/en/glsa/glsa-20050…	vendor-advisoryx_refsource_GENTOO
	http://securitytracker.com/id?1014398	vdb-entryx_refsource_SECTRACK
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/archive/1/464745/100…	mailing-listx_refsource_BUGTRAQ
	http://www.ubuntulinux.org/usn/usn-151-3	vendor-advisoryx_refsource_UBUNTU
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.securityfocus.com/archive/1/482601/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/18507	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/17054	third-party-advisoryx_refsource_SECUNIA
	https://usn.ubuntu.com/148-1/	vendor-advisoryx_refsource_UBUNTU
	http://www.securityfocus.com/bid/14162	vdb-entryx_refsource_BID
	http://www.vmware.com/support/vi3/doc/esx-9916286…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/421411/100…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/31492	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2008-06…	vendor-advisoryx_refsource_REDHAT
	http://secunia.com/advisories/17225	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/1267	vdb-entryx_refsource_VUPEN
	http://www.vmware.com/support/vi3/doc/esx-3616065…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/421411/100…	vendor-advisoryx_refsource_HP
	http://secunia.com/advisories/18406	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/482950/100…	mailing-listx_refsource_BUGTRAQ
	http://secunia.com/advisories/24788	third-party-advisoryx_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRAKE
	http://secunia.com/advisories/32706	third-party-advisoryx_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://secunia.com/advisories/17326	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2005/0978	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/archive/1/482503/100…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/482949/100…	mailing-listx_refsource_BUGTRAQ
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	http://secunia.com/advisories/17516	third-party-advisoryx_refsource_SECUNIA
	http://www.debian.org/security/2005/dsa-740	vendor-advisoryx_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2006/0144	vdb-entryx_refsource_VUPEN
	http://support.apple.com/kb/HT3298	x_refsource_CONFIRM
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi…	x_refsource_MISC
	http://www.redhat.com/support/errata/RHSA-2005-569.html	vendor-advisoryx_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-200507-05.xml	vendor-advisoryx_refsource_GENTOO
	http://secunia.com/advisories/19597	third-party-advisoryx_refsource_SECUNIA
	http://support.avaya.com/elmodocs2/security/ASA-2…	x_refsource_CONFIRM
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-20…	vendor-advisoryx_refsource_SCO
	http://secunia.com/advisories/19550	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/18377	third-party-advisoryx_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce…	vendor-advisoryx_refsource_APPLE
	https://bugzilla.redhat.com/bugzilla/show_bug.cgi…	vendor-advisoryx_refsource_FEDORA
	http://www.kb.cert.org/vuls/id/680620	third-party-advisoryx_refsource_CERT-VN
	http://www.securityfocus.com/archive/1/482571/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T22:15:37.425Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "101989",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
          },
          {
            "name": "DSA-1026",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1026"
          },
          {
            "name": "17236",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17236"
          },
          {
            "name": "20071018 Official Windows binaries of \"curl\" contain vulnerable zlib 1.2.2 (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
          },
          {
            "name": "hpux-secure-shell-dos(24064)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
          },
          {
            "name": "APPLE-SA-2008-11-13",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
          },
          {
            "name": "FreeBSD-SA-05:16.zlib",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
          },
          {
            "name": "15949",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/15949"
          },
          {
            "name": "DSA-797",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-797"
          },
          {
            "name": "GLSA-200509-18",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
          },
          {
            "name": "1014398",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1014398"
          },
          {
            "name": "MDKSA-2005:196",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
          },
          {
            "name": "oval:org.mitre.oval:def:1542",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
          },
          {
            "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
          },
          {
            "name": "USN-151-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntulinux.org/usn/usn-151-3"
          },
          {
            "name": "oval:org.mitre.oval:def:1262",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
          },
          {
            "name": "20071021 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
          },
          {
            "name": "18507",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18507"
          },
          {
            "name": "17054",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17054"
          },
          {
            "name": "USN-148-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/148-1/"
          },
          {
            "name": "14162",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/14162"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
          },
          {
            "name": "HPSBUX02090",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
          },
          {
            "name": "31492",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "name": "MDKSA-2006:070",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
          },
          {
            "name": "RHSA-2008:0629",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
          },
          {
            "name": "17225",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17225"
          },
          {
            "name": "ADV-2007-1267",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1267"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
          },
          {
            "name": "SSRT051058",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
          },
          {
            "name": "18406",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18406"
          },
          {
            "name": "20071029 Windows binary of \"Virtual Floppy Drive 2.1\" contains vulnerable zlib (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
          },
          {
            "name": "24788",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24788"
          },
          {
            "name": "MDKSA-2005:112",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRAKE",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
          },
          {
            "name": "32706",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32706"
          },
          {
            "name": "oval:org.mitre.oval:def:11500",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
          },
          {
            "name": "17326",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17326"
          },
          {
            "name": "ADV-2005-0978",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/0978"
          },
          {
            "name": "20071018 Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
          },
          {
            "name": "20071029 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
          },
          {
            "name": "APPLE-SA-2005-08-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
          },
          {
            "name": "17516",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17516"
          },
          {
            "name": "DSA-740",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2005/dsa-740"
          },
          {
            "name": "ADV-2006-0144",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0144"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT3298"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
          },
          {
            "name": "RHSA-2005:569",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
          },
          {
            "name": "GLSA-200507-05",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
          },
          {
            "name": "19597",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19597"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
          },
          {
            "name": "SCOSA-2006.6",
            "tags": [
              "vendor-advisory",
              "x_refsource_SCO",
              "x_transferred"
            ],
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
          },
          {
            "name": "19550",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19550"
          },
          {
            "name": "18377",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18377"
          },
          {
            "name": "APPLE-SA-2005-08-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
          },
          {
            "name": "FLSA:162680",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
          },
          {
            "name": "VU#680620",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/680620"
          },
          {
            "name": "20071020 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-07-06T04:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T18:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "101989",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
        },
        {
          "name": "DSA-1026",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1026"
        },
        {
          "name": "17236",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17236"
        },
        {
          "name": "20071018 Official Windows binaries of \"curl\" contain vulnerable zlib 1.2.2 (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
        },
        {
          "name": "hpux-secure-shell-dos(24064)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
        },
        {
          "name": "APPLE-SA-2008-11-13",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
        },
        {
          "name": "FreeBSD-SA-05:16.zlib",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
        },
        {
          "name": "15949",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/15949"
        },
        {
          "name": "DSA-797",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-797"
        },
        {
          "name": "GLSA-200509-18",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
        },
        {
          "name": "1014398",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1014398"
        },
        {
          "name": "MDKSA-2005:196",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
        },
        {
          "name": "oval:org.mitre.oval:def:1542",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
        },
        {
          "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
        },
        {
          "name": "USN-151-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntulinux.org/usn/usn-151-3"
        },
        {
          "name": "oval:org.mitre.oval:def:1262",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
        },
        {
          "name": "20071021 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
        },
        {
          "name": "18507",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18507"
        },
        {
          "name": "17054",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17054"
        },
        {
          "name": "USN-148-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/148-1/"
        },
        {
          "name": "14162",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/14162"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
        },
        {
          "name": "HPSBUX02090",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
        },
        {
          "name": "31492",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31492"
        },
        {
          "name": "MDKSA-2006:070",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
        },
        {
          "name": "RHSA-2008:0629",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
        },
        {
          "name": "17225",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17225"
        },
        {
          "name": "ADV-2007-1267",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1267"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
        },
        {
          "name": "SSRT051058",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
        },
        {
          "name": "18406",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18406"
        },
        {
          "name": "20071029 Windows binary of \"Virtual Floppy Drive 2.1\" contains vulnerable zlib (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
        },
        {
          "name": "24788",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24788"
        },
        {
          "name": "MDKSA-2005:112",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRAKE"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
        },
        {
          "name": "32706",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32706"
        },
        {
          "name": "oval:org.mitre.oval:def:11500",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
        },
        {
          "name": "17326",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17326"
        },
        {
          "name": "ADV-2005-0978",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/0978"
        },
        {
          "name": "20071018 Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
        },
        {
          "name": "20071029 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
        },
        {
          "name": "APPLE-SA-2005-08-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
        },
        {
          "name": "17516",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17516"
        },
        {
          "name": "DSA-740",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2005/dsa-740"
        },
        {
          "name": "ADV-2006-0144",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0144"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT3298"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
        },
        {
          "name": "RHSA-2005:569",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
        },
        {
          "name": "GLSA-200507-05",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
        },
        {
          "name": "19597",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19597"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
        },
        {
          "name": "SCOSA-2006.6",
          "tags": [
            "vendor-advisory",
            "x_refsource_SCO"
          ],
          "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
        },
        {
          "name": "19550",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19550"
        },
        {
          "name": "18377",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18377"
        },
        {
          "name": "APPLE-SA-2005-08-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
        },
        {
          "name": "FLSA:162680",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
        },
        {
          "name": "VU#680620",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/680620"
        },
        {
          "name": "20071020 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2005-2096",
    "datePublished": "2005-07-06T08:00:00.000Z",
    "dateReserved": "2005-06-30T04:00:00.000Z",
    "dateUpdated": "2024-08-07T22:15:37.425Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-W2QV-RHM9-97P2

Vulnerability from github – Published: 2022-05-03 03:14 – Updated: 2022-05-03 03:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-2096"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-07-06T04:00:00Z",
    "severity": "HIGH"
  },
  "details": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.",
  "id": "GHSA-w2qv-rhm9-97p2",
  "modified": "2022-05-03T03:14:13Z",
  "published": "2022-05-03T03:14:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-2096"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/148-1"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/15949"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17054"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17225"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17236"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17326"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17516"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18377"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18406"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18507"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19550"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/19597"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/24788"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/31492"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32706"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1014398"
    },
    {
      "type": "WEB",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
    },
    {
      "type": "WEB",
      "url": "http://support.apple.com/kb/HT3298"
    },
    {
      "type": "WEB",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2005/dsa-740"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2005/dsa-797"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2006/dsa-1026"
    },
    {
      "type": "WEB",
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/680620"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
    },
    {
      "type": "WEB",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/14162"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntulinux.org/usn/usn-151-3"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/0978"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0144"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/1267"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-AVI-557

Vulnerability from certfr_avis - Published: 2008-11-14 - Updated: 2008-11-14

Plusieurs vulnérabilités affectent le navigateur Safari. Leur exploitation permet d'accéder à des données sensibles ou d'exécuter du code arbitraire à distance sur le système vulnérable.

Description

Plusieurs vulnérabilités affectent le traitement des images, en particulier au format PNG, TIFF ou JPEG. L'exploitation de chacune d'entre elles permet d'exécuter du code arbitraire à distance.

Une vulnérabilité dans le traitement des feuilles de style est utilisable de manière malveillante pour exécuter du code arbitraire à distance.

Une vulnérabilité dans le traitement des javascripts est utilisable de manière malveillante pour exécuter du code arbitraire à distance.

Une erreur dans Webkit et une erreur dans la gestion des formulaires permettent à un utilisateur malveillant d'accéder à des données sensibles.

Solution

La version 3.2 remédie à ces vulnérabilités.

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Safari 3.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

GSD-2005-2096

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-2096

Aliases

CVE-2005-2096

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-2096",
    "description": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.",
    "id": "GSD-2005-2096",
    "references": [
      "https://www.suse.com/security/cve/CVE-2005-2096.html",
      "https://www.debian.org/security/2006/dsa-1026",
      "https://www.debian.org/security/2005/dsa-797",
      "https://www.debian.org/security/2005/dsa-740",
      "https://access.redhat.com/errata/RHSA-2008:0629",
      "https://access.redhat.com/errata/RHSA-2008:0525",
      "https://access.redhat.com/errata/RHSA-2008:0264",
      "https://access.redhat.com/errata/RHSA-2005:569"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-2096"
      ],
      "details": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.",
      "id": "GSD-2005-2096",
      "modified": "2023-12-13T01:20:10.162630Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2005-2096",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
          },
          {
            "name": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc",
            "refsource": "MISC",
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
          },
          {
            "name": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt",
            "refsource": "MISC",
            "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
          },
          {
            "name": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html",
            "refsource": "MISC",
            "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
          },
          {
            "name": "http://secunia.com/advisories/15949",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/15949"
          },
          {
            "name": "http://secunia.com/advisories/17054",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17054"
          },
          {
            "name": "http://secunia.com/advisories/17225",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17225"
          },
          {
            "name": "http://secunia.com/advisories/17236",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17236"
          },
          {
            "name": "http://secunia.com/advisories/17326",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17326"
          },
          {
            "name": "http://secunia.com/advisories/17516",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/17516"
          },
          {
            "name": "http://secunia.com/advisories/18377",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18377"
          },
          {
            "name": "http://secunia.com/advisories/18406",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18406"
          },
          {
            "name": "http://secunia.com/advisories/18507",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/18507"
          },
          {
            "name": "http://secunia.com/advisories/19550",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19550"
          },
          {
            "name": "http://secunia.com/advisories/19597",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/19597"
          },
          {
            "name": "http://secunia.com/advisories/24788",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/24788"
          },
          {
            "name": "http://secunia.com/advisories/31492",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/31492"
          },
          {
            "name": "http://secunia.com/advisories/32706",
            "refsource": "MISC",
            "url": "http://secunia.com/advisories/32706"
          },
          {
            "name": "http://security.gentoo.org/glsa/glsa-200507-05.xml",
            "refsource": "MISC",
            "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
          },
          {
            "name": "http://securitytracker.com/id?1014398",
            "refsource": "MISC",
            "url": "http://securitytracker.com/id?1014398"
          },
          {
            "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1",
            "refsource": "MISC",
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
          },
          {
            "name": "http://support.apple.com/kb/HT3298",
            "refsource": "MISC",
            "url": "http://support.apple.com/kb/HT3298"
          },
          {
            "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm",
            "refsource": "MISC",
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
          },
          {
            "name": "http://www.debian.org/security/2005/dsa-740",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2005/dsa-740"
          },
          {
            "name": "http://www.debian.org/security/2005/dsa-797",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2005/dsa-797"
          },
          {
            "name": "http://www.debian.org/security/2006/dsa-1026",
            "refsource": "MISC",
            "url": "http://www.debian.org/security/2006/dsa-1026"
          },
          {
            "name": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml",
            "refsource": "MISC",
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
          },
          {
            "name": "http://www.kb.cert.org/vuls/id/680620",
            "refsource": "MISC",
            "url": "http://www.kb.cert.org/vuls/id/680620"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
          },
          {
            "name": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070",
            "refsource": "MISC",
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2005-569.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
          },
          {
            "name": "http://www.redhat.com/support/errata/RHSA-2008-0629.html",
            "refsource": "MISC",
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/421411/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/464745/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482503/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482505/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482571/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482601/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482949/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/archive/1/482950/100/0/threaded",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
          },
          {
            "name": "http://www.securityfocus.com/bid/14162",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/14162"
          },
          {
            "name": "http://www.ubuntulinux.org/usn/usn-151-3",
            "refsource": "MISC",
            "url": "http://www.ubuntulinux.org/usn/usn-151-3"
          },
          {
            "name": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
          },
          {
            "name": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html",
            "refsource": "MISC",
            "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2005/0978",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2005/0978"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2006/0144",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2006/0144"
          },
          {
            "name": "http://www.vupen.com/english/advisories/2007/1267",
            "refsource": "MISC",
            "url": "http://www.vupen.com/english/advisories/2007/1267"
          },
          {
            "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
          },
          {
            "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
          },
          {
            "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064",
            "refsource": "MISC",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
          },
          {
            "name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542",
            "refsource": "MISC",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
          },
          {
            "name": "https://usn.ubuntu.com/148-1/",
            "refsource": "MISC",
            "url": "https://usn.ubuntu.com/148-1/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2005-2096"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "DSA-740",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2005/dsa-740"
            },
            {
              "name": "RHSA-2005:569",
              "refsource": "REDHAT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
            },
            {
              "name": "GLSA-200507-05",
              "refsource": "GENTOO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
            },
            {
              "name": "14162",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/14162"
            },
            {
              "name": "1014398",
              "refsource": "SECTRACK",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://securitytracker.com/id?1014398"
            },
            {
              "name": "15949",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/15949"
            },
            {
              "name": "APPLE-SA-2005-08-15",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
            },
            {
              "name": "APPLE-SA-2005-08-17",
              "refsource": "APPLE",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
            },
            {
              "name": "FLSA:162680",
              "refsource": "FEDORA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
            },
            {
              "name": "GLSA-200509-18",
              "refsource": "GENTOO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
            },
            {
              "name": "DSA-797",
              "refsource": "DEBIAN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.debian.org/security/2005/dsa-797"
            },
            {
              "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
            },
            {
              "name": "FreeBSD-SA-05:16.zlib",
              "refsource": "FREEBSD",
              "tags": [],
              "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
            },
            {
              "name": "101989",
              "refsource": "SUNALERT",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
            },
            {
              "name": "VU#680620",
              "refsource": "CERT-VN",
              "tags": [
                "Third Party Advisory",
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/680620"
            },
            {
              "name": "USN-151-3",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntulinux.org/usn/usn-151-3"
            },
            {
              "name": "SCOSA-2006.6",
              "refsource": "SCO",
              "tags": [],
              "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
            },
            {
              "name": "18406",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18406"
            },
            {
              "name": "18377",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18377"
            },
            {
              "name": "17054",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17054"
            },
            {
              "name": "17225",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17225"
            },
            {
              "name": "17236",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17236"
            },
            {
              "name": "17326",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17326"
            },
            {
              "name": "17516",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17516"
            },
            {
              "name": "19550",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19550"
            },
            {
              "name": "DSA-1026",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2006/dsa-1026"
            },
            {
              "name": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
            },
            {
              "name": "18507",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/18507"
            },
            {
              "name": "19597",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/19597"
            },
            {
              "name": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
            },
            {
              "name": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
            },
            {
              "name": "24788",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/24788"
            },
            {
              "name": "MDKSA-2005:112",
              "refsource": "MANDRAKE",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
            },
            {
              "name": "MDKSA-2005:196",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
            },
            {
              "name": "MDKSA-2006:070",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
            },
            {
              "name": "APPLE-SA-2008-11-13",
              "refsource": "APPLE",
              "tags": [],
              "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
            },
            {
              "name": "http://support.apple.com/kb/HT3298",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://support.apple.com/kb/HT3298"
            },
            {
              "name": "RHSA-2008:0629",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
            },
            {
              "name": "31492",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/31492"
            },
            {
              "name": "ADV-2007-1267",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2007/1267"
            },
            {
              "name": "ADV-2006-0144",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0144"
            },
            {
              "name": "ADV-2005-0978",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/0978"
            },
            {
              "name": "32706",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/32706"
            },
            {
              "name": "hpux-secure-shell-dos(24064)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
            },
            {
              "name": "oval:org.mitre.oval:def:1542",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
            },
            {
              "name": "oval:org.mitre.oval:def:1262",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
            },
            {
              "name": "oval:org.mitre.oval:def:11500",
              "refsource": "OVAL",
              "tags": [],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
            },
            {
              "name": "USN-148-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "https://usn.ubuntu.com/148-1/"
            },
            {
              "name": "20071029 Windows binary of \"Virtual Floppy Drive 2.1\" contains vulnerable zlib (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
            },
            {
              "name": "20071029 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
            },
            {
              "name": "20071021 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
            },
            {
              "name": "20071020 Re: Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
            },
            {
              "name": "20071018 Official Windows binaries of \"curl\" contain vulnerable zlib 1.2.2 (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
            },
            {
              "name": "20071018 Windows binary of \"GSview 4.8\" contain vulnerable zlib (CAN-2005-2096)",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
            },
            {
              "name": "20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
            },
            {
              "name": "HPSBUX02090",
              "refsource": "HP",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2022-06-22T16:40Z",
      "publishedDate": "2005-07-06T04:00Z"
    }
  }
}

JVNDB-2015-000066

Vulnerability from jvndb - Published: 2015-05-19 13:40 - Updated:2015-05-22 14:26

Severity ?

N/A (UNKNOWN) - -

Summary

BGA32.DLL and QBga32.DLL contain multiple vulnerabilities

Details

BGA32.DLL is a compression/decompression library for gza and bza-format files. BGA32.DLL contains multiple vulnerabilities (including a buffer overflow) because it utilizes vulnerable zlib and bzip2 libraries. QBga32.DLL, which is a wrapper of BGA32.DLL, is also affected. KONDOU, Kazuhiro reported this vulnerability to IPA. JPCERT/CC coordinated with the developers under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN78689801/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0953
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1260
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0107
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0953
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1260
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1849
	NVD	https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2096
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	Kazuhiro Inaba	QBga32.DLL
	Toshinobu Kimura	BGA32.DLL

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html",
  "dc:date": "2015-05-22T14:26+09:00",
  "dcterms:issued": "2015-05-19T13:40+09:00",
  "dcterms:modified": "2015-05-22T14:26+09:00",
  "description": "BGA32.DLL is a compression/decompression library for gza and bza-format files. BGA32.DLL contains multiple vulnerabilities (including a buffer overflow) because it utilizes vulnerable zlib and bzip2 libraries.\r\nQBga32.DLL, which is a wrapper of BGA32.DLL, is also affected.\r\n\r\nKONDOU, Kazuhiro reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developers under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000066.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:misc:kazuhiro_inaba_qbga32.dll",
      "@product": "QBga32.DLL",
      "@vendor": "Kazuhiro Inaba",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:toshinobu_kimura_bga32.dll",
      "@product": "BGA32.DLL",
      "@vendor": "Toshinobu Kimura",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2015-000066",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN78689801/index.html",
      "@id": "JVN#78689801",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0107",
      "@id": "CVE-2003-0107",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0953",
      "@id": "CVE-2005-0953",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1260",
      "@id": "CVE-2005-1260",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849",
      "@id": "CVE-2005-1849",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096",
      "@id": "CVE-2005-2096",
      "@source": "CVE"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0107",
      "@id": "CVE-2003-0107",
      "@source": "NVD"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0953",
      "@id": "CVE-2005-0953",
      "@source": "NVD"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1260",
      "@id": "CVE-2005-1260",
      "@source": "NVD"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1849",
      "@id": "CVE-2005-1849",
      "@source": "NVD"
    },
    {
      "#text": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2096",
      "@id": "CVE-2005-2096",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "BGA32.DLL and QBga32.DLL contain multiple vulnerabilities"
}

FKIE_CVE-2005-2096

Vulnerability from fkie_nvd - Published: 2005-07-06 04:00 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc
secalert@redhat.com	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
secalert@redhat.com	http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html	Vendor Advisory
secalert@redhat.com	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
secalert@redhat.com	http://secunia.com/advisories/15949	Patch, Vendor Advisory
secalert@redhat.com	http://secunia.com/advisories/17054
secalert@redhat.com	http://secunia.com/advisories/17225
secalert@redhat.com	http://secunia.com/advisories/17236
secalert@redhat.com	http://secunia.com/advisories/17326
secalert@redhat.com	http://secunia.com/advisories/17516
secalert@redhat.com	http://secunia.com/advisories/18377
secalert@redhat.com	http://secunia.com/advisories/18406
secalert@redhat.com	http://secunia.com/advisories/18507
secalert@redhat.com	http://secunia.com/advisories/19550
secalert@redhat.com	http://secunia.com/advisories/19597
secalert@redhat.com	http://secunia.com/advisories/24788
secalert@redhat.com	http://secunia.com/advisories/31492
secalert@redhat.com	http://secunia.com/advisories/32706
secalert@redhat.com	http://security.gentoo.org/glsa/glsa-200507-05.xml	Patch, Vendor Advisory
secalert@redhat.com	http://securitytracker.com/id?1014398	Vendor Advisory
secalert@redhat.com	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1	Patch, Vendor Advisory
secalert@redhat.com	http://support.apple.com/kb/HT3298
secalert@redhat.com	http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
secalert@redhat.com	http://www.debian.org/security/2005/dsa-740	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2005/dsa-797	Patch, Vendor Advisory
secalert@redhat.com	http://www.debian.org/security/2006/dsa-1026
secalert@redhat.com	http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml	Patch, Vendor Advisory
secalert@redhat.com	http://www.kb.cert.org/vuls/id/680620	Third Party Advisory, US Government Resource
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2005:112
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
secalert@redhat.com	http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2005-569.html	Patch, Vendor Advisory
secalert@redhat.com	http://www.redhat.com/support/errata/RHSA-2008-0629.html
secalert@redhat.com	http://www.securityfocus.com/archive/1/421411/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/464745/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482503/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482505/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482571/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482601/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482949/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/archive/1/482950/100/0/threaded
secalert@redhat.com	http://www.securityfocus.com/bid/14162	Patch
secalert@redhat.com	http://www.ubuntulinux.org/usn/usn-151-3
secalert@redhat.com	http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
secalert@redhat.com	http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
secalert@redhat.com	http://www.vupen.com/english/advisories/2005/0978
secalert@redhat.com	http://www.vupen.com/english/advisories/2006/0144
secalert@redhat.com	http://www.vupen.com/english/advisories/2007/1267
secalert@redhat.com	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391	Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680	Vendor Advisory
secalert@redhat.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262
secalert@redhat.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
secalert@redhat.com	https://usn.ubuntu.com/148-1/
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/15949	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17054
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17225
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17236
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17326
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17516
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18377
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18406
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18507
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19550
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/19597
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24788
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31492
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32706
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200507-05.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1014398	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT3298
af854a3a-2127-422b-91ae-364da2661108	http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-740	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2005/dsa-797	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2006/dsa-1026
af854a3a-2127-422b-91ae-364da2661108	http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/680620	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:112
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2005:196
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDKSA-2006:070
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2005-569.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0629.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/421411/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/464745/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482503/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482505/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482571/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482601/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482949/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/482950/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/14162	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntulinux.org/usn/usn-151-3
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/0978
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0144
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/1267
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/148-1/

Impacted products

Vendor	Product	Version
zlib	zlib	1.2.0
zlib	zlib	1.2.1
zlib	zlib	1.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zlib:zlib:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E8D0212-4805-4C50-A8C7-7A2AF3424929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zlib:zlib:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C493104-5D6B-417F-BD77-32A4868A3398",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zlib:zlib:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C77C974-9A8A-4F22-A680-5095552589BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file."
    }
  ],
  "id": "CVE-2005-2096",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-07-06T04:00:00.000",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
    },
    {
      "source": "secalert@redhat.com",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/15949"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17054"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17225"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17236"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17326"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/17516"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18377"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18406"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/18507"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19550"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/19597"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/24788"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/31492"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/32706"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://securitytracker.com/id?1014398"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT3298"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-740"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-797"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2006/dsa-1026"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/680620"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/14162"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntulinux.org/usn/usn-151-3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2005/0978"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2006/0144"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.vupen.com/english/advisories/2007/1267"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://usn.ubuntu.com/148-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/15949"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17236"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17326"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17516"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/18507"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19550"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/19597"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24788"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32706"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-200507-05.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://securitytracker.com/id?1014398"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-740"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.debian.org/security/2005/dsa-797"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2006/dsa-1026"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/680620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:196"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2005-569.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0629.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/464745/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482503/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482505/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482571/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482601/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482949/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/482950/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/14162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntulinux.org/usn/usn-151-3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/0978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0144"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/1267"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/148-1/"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.",
      "lastModified": "2007-03-14T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-2096 (GCVE-0-2005-2096)

GHSA-W2QV-RHM9-97P2

CERTA-2008-AVI-557

Description

Solution

GSD-2005-2096

JVNDB-2015-000066

FKIE_CVE-2005-2096

Tags

Sightings

Nomenclature