CVE - CVE-2005-2096

CVE-ID
CVE-2005-2096	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1014398 URL:http://securitytracker.com/id?1014398 MISC:101989 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-101989-1~~ (Obsolete source) MISC:14162 URL:http://www.securityfocus.com/bid/14162 MISC:15949 URL:http://secunia.com/advisories/15949 MISC:17054 URL:http://secunia.com/advisories/17054 MISC:17225 URL:http://secunia.com/advisories/17225 MISC:17236 URL:http://secunia.com/advisories/17236 MISC:17326 URL:http://secunia.com/advisories/17326 MISC:17516 URL:http://secunia.com/advisories/17516 MISC:18377 URL:http://secunia.com/advisories/18377 MISC:18406 URL:http://secunia.com/advisories/18406 MISC:18507 URL:http://secunia.com/advisories/18507 MISC:19550 URL:http://secunia.com/advisories/19550 MISC:19597 URL:http://secunia.com/advisories/19597 MISC:20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates URL:http://www.securityfocus.com/archive/1/464745/100/0/threaded MISC:20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482505/100/0/threaded MISC:20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482503/100/0/threaded MISC:20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482571/100/0/threaded MISC:20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482601/100/0/threaded MISC:20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482949/100/0/threaded MISC:20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096) URL:http://www.securityfocus.com/archive/1/482950/100/0/threaded MISC:24788 URL:http://secunia.com/advisories/24788 MISC:31492 URL:http://secunia.com/advisories/31492 MISC:32706 URL:http://secunia.com/advisories/32706 MISC:ADV-2005-0978 URL:~~http://www.vupen.com/english/advisories/2005/0978~~ (Obsolete source) MISC:ADV-2006-0144 URL:~~http://www.vupen.com/english/advisories/2006/0144~~ (Obsolete source) MISC:ADV-2007-1267 URL:~~http://www.vupen.com/english/advisories/2007/1267~~ (Obsolete source) MISC:APPLE-SA-2005-08-15 URL:http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html MISC:APPLE-SA-2005-08-17 URL:http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html MISC:APPLE-SA-2008-11-13 URL:http://lists.apple.com/archives/security-announce//2008/Nov/msg00001.html MISC:DSA-1026 URL:http://www.debian.org/security/2006/dsa-1026 MISC:DSA-740 URL:http://www.debian.org/security/2005/dsa-740 MISC:DSA-797 URL:http://www.debian.org/security/2005/dsa-797 MISC:FLSA:162680 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680 MISC:FreeBSD-SA-05:16.zlib URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.asc MISC:GLSA-200507-05 URL:http://security.gentoo.org/glsa/glsa-200507-05.xml MISC:GLSA-200509-18 URL:http://www.gentoo.org/security/en/glsa/glsa-200509-18.xml MISC:HPSBUX02090 URL:http://www.securityfocus.com/archive/1/421411/100/0/threaded MISC:MDKSA-2005:112 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2005:112~~ (Obsolete source) MISC:MDKSA-2005:196 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2005:196~~ (Obsolete source) MISC:MDKSA-2006:070 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:070~~ (Obsolete source) MISC:RHSA-2005:569 URL:http://www.redhat.com/support/errata/RHSA-2005-569.html MISC:RHSA-2008:0629 URL:http://www.redhat.com/support/errata/RHSA-2008-0629.html MISC:SCOSA-2006.6 URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txt MISC:SSRT051058 URL:http://www.securityfocus.com/archive/1/421411/100/0/threaded MISC:USN-148-1 URL:https://usn.ubuntu.com/148-1/ MISC:USN-151-3 URL:http://www.ubuntulinux.org/usn/usn-151-3 MISC:VU#680620 URL:http://www.kb.cert.org/vuls/id/680620 MISC:hpux-secure-shell-dos(24064) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/24064 MISC:http://support.apple.com/kb/HT3298 URL:http://support.apple.com/kb/HT3298 MISC:http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm URL:http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm MISC:http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html URL:http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html MISC:http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html URL:http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html MISC:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391 URL:https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391 MISC:oval:org.mitre.oval:def:11500 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11500 MISC:oval:org.mitre.oval:def:1262 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1262 MISC:oval:org.mitre.oval:def:1542 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1542
Assigning CNA
Red Hat, Inc.
Date Record Created
20050630	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20050630)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)