PT-2004-3718 · Gd · Gd-Devel

Published: 1970-01-01 · Updated: 2018-05-03 · CVE-2004-0941

CVSS v2.0: 10 (High)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

libgd versions 2.0.21 and earlier
gd-devel versions 1.8.4 and earlier
gd-progs versions 1.8.4 and earlier
libgd1-noxpm versions 1.8.4 and earlier
libgd1 versions 1.8.4 and earlier
gd versions 1.8.4 and earlier

Description

The issue is related to multiple buffer overflows in the gd graphics library, which may allow remote attackers to execute arbitrary code via malformed image files. This is due to improper calls to the gdMalloc function. The vulnerability can be exploited remotely and may lead to disruption of confidentiality, integrity, and availability of protected information.

Recommendations

For libgd versions 2.0.21 and earlier, update to a version later than 2.0.21 to resolve the issue.
For gd-devel versions 1.8.4 and earlier, update to a version later than 1.8.4 to resolve the issue.
For gd-progs versions 1.8.4 and earlier, update to a version later than 1.8.4 to resolve the issue.
For libgd1-noxpm versions 1.8.4 and earlier, update to a version later than 1.8.4 to resolve the issue.
For libgd1 versions 1.8.4 and earlier, update to a version later than 1.8.4 to resolve the issue.
For gd versions 1.8.4 and earlier, update to a version later than 1.8.4 to resolve the issue.

As a temporary workaround, consider restricting access to the gdMalloc function until a patch is available.

Fix

Related identifiers

BDU:2015-03349
BDU:2015-03350
BDU:2015-06180
BDU:2015-06181
BDU:2015-06182
CVE-2004-0941
DSA-601-1
DSA-602-1
RHSA-2004:638
RHSA-2006:0194
RHSA-2006_0194

Affected products

Red Hat
Gd
Gd-Devel
Gd-Progs
Libgd
Libgd1
Libgd1-Noxpm