CVE-2004-0994
- Source
- https://cve.org/CVERecord?id=CVE-2004-0994
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2004-0994.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2004-0994
- Downstream
- Withdrawn
- 2026-01-27T04:05:33.736707Z
- Published
- 2005-01-10T05:00:00Z
- Modified
- 2026-01-27T04:05:33.736707Z
- Summary
- [none]
- Details
-
Multiple integer overflows in xzgv 0.8 and earlier allow remote attackers to execute arbitrary code via images with large width and height values, which trigger a heap-based buffer overflow, as demonstrated in the readprffile function in readprf.c. NOTE: CVE-2004-0994 and CVE-2004-1095 identify sets of bugs that only partially overlap, despite having the same developer. Therefore, they should be regarded as distinct.
- References