FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2096

This CVE name corresponds to:

Entered Topic
2005-07-06 zlib -- buffer overflow vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-2096 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-2096
Phase Assigned(20050630)

Description

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

References

Source Reference
BUGTRAQ 20070404 VMSA-2007-0003 VMware ESX 3.0.1 and 3.0.0 server security updates
BUGTRAQ 20071029 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
BUGTRAQ 20071029 Windows binary of "Virtual Floppy Drive 2.1" contains vulnerable zlib (CAN-2005-2096)
BUGTRAQ 20071018 Official Windows binaries of "curl" contain vulnerable zlib 1.2.2 (CAN-2005-2096)
BUGTRAQ 20071018 Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
BUGTRAQ 20071020 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
BUGTRAQ 20071021 Re: Windows binary of "GSview 4.8" contain vulnerable zlib (CAN-2005-2096)
MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=162391
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
CONFIRM http://www.vmware.com/support/vi3/doc/esx-3616065-patch.html
CONFIRM http://www.vmware.com/support/vi3/doc/esx-9916286-patch.html
CONFIRM http://support.apple.com/kb/HT3298
APPLE APPLE-SA-2005-08-15
APPLE APPLE-SA-2005-08-17
APPLE APPLE-SA-2008-11-13
DEBIAN DSA-740
DEBIAN DSA-797
DEBIAN DSA-1026
FEDORA FLSA:162680
FREEBSD FreeBSD-SA-05:16.zlib
GENTOO GLSA-200507-05
GENTOO GLSA-200509-18
HP HPSBUX02090
HP SSRT051058
MANDRAKE MDKSA-2005:112
MANDRIVA MDKSA-2005:196
MANDRIVA MDKSA-2006:070
REDHAT RHSA-2005:569
REDHAT RHSA-2008:0629
SCO SCOSA-2006.6
SUNALERT 101989
SUSE SUSE-SA:2005:039
UBUNTU USN-148-1
UBUNTU USN-151-3
CERT-VN VU#680620
BID 14162
OVAL oval:org.mitre.oval:def:11500
SECUNIA 32706
VUPEN ADV-2005-0978
VUPEN ADV-2006-0144
VUPEN ADV-2007-1267
OVAL oval:org.mitre.oval:def:1262
OVAL oval:org.mitre.oval:def:1542
SECTRACK 1014398
SECUNIA 15949
SECUNIA 18406
SECUNIA 18377
SECUNIA 17054
SECUNIA 17225
SECUNIA 17236
SECUNIA 17326
SECUNIA 17516
SECUNIA 19550
SECUNIA 18507
SECUNIA 19597
SECUNIA 24788
SECUNIA 31492
XF hpux-secure-shell-dos(24064)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.