CVE-2005-2096

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Affected Software

Name	Vendor	Start Version	End Version
Zlib	Zlib	1.2.0 (including)	1.2.0 (including)
Zlib	Zlib	1.2.1 (including)	1.2.1 (including)
Zlib	Zlib	1.2.2 (including)	1.2.2 (including)
Red Hat Enterprise Linux 4	RedHat	zlib-0:1.2.1.2-1.1	*
Red Hat Network Satellite Server v 4.2	RedHat	rhn-solaris-bootstrap-0:5.0.2-3	*
Red Hat Network Satellite Server v 4.2	RedHat	rhn_solaris_bootstrap_5_0_2_3-0:1-0	*
Red Hat Network Satellite Server v 4.2 (RHEL3)	RedHat	rhn-solaris-bootstrap-0:5.0.2-3	*
Red Hat Network Satellite Server v 4.2 (RHEL3)	RedHat	rhn_solaris_bootstrap_5_0_2_3-0:1-0	*
Red Hat Network Satellite Server v 5.0	RedHat	rhn-solaris-bootstrap-0:5.0.2-3	*
Red Hat Network Satellite Server v 5.0	RedHat	rhn_solaris_bootstrap_5_0_2_3-0:1-0	*
Red Hat Network Satellite Server v 5.1	RedHat	rhn-solaris-bootstrap-0:5.1.1-3	*
Red Hat Network Satellite Server v 5.1	RedHat	rhn_solaris_bootstrap_5_1_1_3-0:1-0	*
Aide	Ubuntu	dapper	*
Aide	Ubuntu	devel	*
Aide	Ubuntu	edgy	*
Aide	Ubuntu	feisty	*
Bacula	Ubuntu	dapper	*
Bacula	Ubuntu	edgy	*
Bacula	Ubuntu	feisty	*
Dump	Ubuntu	dapper	*
Dump	Ubuntu	devel	*
Dump	Ubuntu	edgy	*
Dump	Ubuntu	feisty	*
Ia32-libs	Ubuntu	dapper	*
Ia32-libs	Ubuntu	devel	*
Ia32-libs	Ubuntu	edgy	*
Ia32-libs	Ubuntu	feisty	*
Rpm	Ubuntu	dapper	*
Rpm	Ubuntu	devel	*
Rpm	Ubuntu	edgy	*
Rpm	Ubuntu	feisty	*
Zlib	Ubuntu	dapper	*
Zlib	Ubuntu	devel	*
Zlib	Ubuntu	edgy	*
Zlib	Ubuntu	feisty	*
Zsync	Ubuntu	dapper	*
Zsync	Ubuntu	devel	*
Zsync	Ubuntu	edgy	*
Zsync	Ubuntu	feisty	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-2096
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References