CVE-2005-2096
CVE-2005-2096
zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:16.zlib.ascftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.6/SCOSA-2006.6.txthttp://lists.apple.com/archives/security-announce/2005/Aug/msg00000.htmlhttp://lists.apple.com/archives/security-announce/2005//Aug/msg00001.htmlhttp://lists.apple.com/archives/security-announce//2008/Nov/msg00001.htmlhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162680http://secunia.com/advisories/15949http://secunia.com/advisories/17054http://secunia.com/advisories/17225http://secunia.com/advisories/17236http://secunia.com/advisories/17326