CVE-2005-2096

CVSS 7.5 - HIGH

Description

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Affected Products

3

Vendor	Product	Version
zlib	zlib	`1.2.0`
zlib	zlib	`1.2.1`
zlib	zlib	`1.2.2`

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/...

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-200...

http://lists.apple.com/archives/security-announce/...

http://lists.apple.com/archives/security-announce/...

http://lists.apple.com/archives/security-announce/...

http://secunia.com/advisories/15949

http://secunia.com/advisories/17054

http://secunia.com/advisories/17225

http://secunia.com/advisories/17236

http://secunia.com/advisories/17326

http://secunia.com/advisories/17516

http://secunia.com/advisories/18377

http://secunia.com/advisories/18406

http://secunia.com/advisories/18507

http://secunia.com/advisories/19550

http://secunia.com/advisories/19597

http://secunia.com/advisories/24788

http://secunia.com/advisories/31492

http://secunia.com/advisories/32706

http://security.gentoo.org/glsa/glsa-200507-05.xml

Weakness Types

NVD-CWE-Other

CVE Information

CVE ID:: CVE-2005-2096
Published:: 2005-07-06
Modified:: 2026-04-16
CVSS Score:: 7.5
Severity:: HIGH
Vector:: AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected Vendors

zlib

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL