CVE-2005-2096

Description

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Affected packages (12)

• Debian/aidefrom 0, < 0.10-6.1.1
• Debian/baculafrom 0, < 1.36.3-2
• Debian/dpkgfrom 0, < 1.13.11
• Debian/dumpfrom 0, < 0.4b40-1
• Debian/libphysfsfrom 0, < 1.0.0-5
• Debian/pvpgnfrom 0, < 1.7.8-2
• Debian/rpmfrom 0, < 4.0.4-31.1
• Debian/sashfrom 0, < 3.7-6
• Debian/texmacsfrom 0, < 1:1.0.5-3
• Debian/zlibfrom 0, < 1:1.2.2-4.sarge.1
• Debian/zlibfrom 0, < 1:1.2.2-7
• Debian/zsyncfrom 0, < 0.4.0-2

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2096