DEBIAN-CVE-2005-2096

Advisory lineage Upstream: 1 Downstream: 3

Upstream

CVE-2005-2096

Downstream

DSA-1026-1 DSA-740-1 DSA-797-1

Published: 06 Jul 2005, 04:00

Last modified:28 Apr 2026, 20:03

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Jul 2005, 04:00

Published

Vulnerability first disclosed

28 Apr 2026, 20:03

Last Modified

Vulnerability information updated

Description

zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.

Affected Systems

debian•aide
< 0.10-6.1.1 | < 0.10-6.1.1 | < 0.10-6.1.1 | < 0.10-6.1.1
debian•bacula
< 1.36.3-2 | < 1.36.3-2 | < 1.36.3-2 | < 1.36.3-2
debian•dpkg
< 1.13.11 | < 1.13.11 | < 1.13.11 | < 1.13.11
debian•dump
< 0.4b40-1 | < 0.4b40-1 | < 0.4b40-1 | < 0.4b40-1
debian•libphysfs
< 1.0.0-5 | < 1.0.0-5 | < 1.0.0-5 | < 1.0.0-5
debian•pvpgn
< 1.7.8-2 | < 1.7.8-2 | < 1.7.8-2 | < 1.7.8-2
debian•rpm
< 4.0.4-31.1 | < 4.0.4-31.1 | < 4.0.4-31.1 | < 4.0.4-31.1
debian•sash
< 3.7-6 | < 3.7-6 | < 3.7-6 | < 3.7-6
debian•texmacs
< 1:1.0.5-3 | < 1:1.0.5-3
debian•zlib
< 1:1.2.2-7 | < 1:1.2.2-7 | < 1:1.2.2-7 | < 1:1.2.2-7
debian•zsync
< 0.4.0-2 | < 0.4.0-2 | < 0.4.0-2 | < 0.4.0-2

References (1)

https://security-tracker.debian.org/tracker/CVE-2005-2096