CVE-2005-2974
Detail
Deferred This CVE record is not being prioritized for NVD enrichment efforts due to resource or other concerns.
Description
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
Metrics
CVSS Version 4.0
CVSS Version 3.x
CVSS Version 2.0
NVD enrichment efforts reference publicly available information to associate
vector strings. CVSS information contributed by other sources is also
displayed.
CVSS 4.0 Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 3.x Severity and Vector Strings:
NVD assessment
not yet provided.
CVSS 2.0 Severity and Vector Strings:
Vector:
(AV:N/AC:H/Au:N/C:N/I:N/A:P)
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace.
We have provided these links to other web sites because they
may have information that would be of interest to you. No
inferences should be drawn on account of other sites being
referenced, or not, from this page. There may be other web
sites that are more appropriate for your purpose. NIST does
not necessarily endorse the views expressed, or concur with
the facts presented on these sites. Further, NIST does not
endorse any commercial products that may be mentioned on
these sites. Please address comments about this page to [email protected]
URL
Source(s)
Tag(s)
http://bugs.gentoo.org/show_bug.cgi?id=109997
CVE, Inc., Red Hat
http://scary.beasts.org/security/CESA-2005-007.txt
CVE, Inc., Red Hat
http://secunia.com/advisories/17436
CVE, Inc., Red Hat
http://secunia.com/advisories/17438
CVE, Inc., Red Hat
http://secunia.com/advisories/17442
CVE, Inc., Red Hat
http://secunia.com/advisories/17462
CVE, Inc., Red Hat
http://secunia.com/advisories/17482
CVE, Inc., Red Hat
http://secunia.com/advisories/17488
CVE, Inc., Red Hat
http://secunia.com/advisories/17497
CVE, Inc., Red Hat
http://secunia.com/advisories/17508
CVE, Inc., Red Hat
http://secunia.com/advisories/17559
CVE, Inc., Red Hat
http://secunia.com/advisories/34872
CVE, Inc., Red Hat
http://secunia.com/advisories/35164
CVE, Inc., Red Hat
http://securitytracker.com/id?1015149
CVE, Inc., Red Hat
http://sourceforge.net/project/shownotes.php?release_id=364493
CVE, Inc., Red Hat
http://www.debian.org/security/2005/dsa-890
CVE, Inc., Red Hat
http://www.gentoo.org/security/en/glsa/glsa-200511-03.xml
CVE, Inc., Red Hat
http://www.mandriva.com/security/advisories?name=MDKSA-2005:207
CVE, Inc., Red Hat
http://www.osvdb.org/20470
CVE, Inc., Red Hat
http://www.redhat.com/support/errata/RHSA-2005-828.html
CVE, Inc., Red Hat
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2009-0444.html
CVE, Inc., Red Hat
http://www.securityfocus.com/advisories/9636
CVE, Inc., Red Hat
http://www.securityfocus.com/advisories/9637
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/428059/100/0/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/archive/1/428059/30/6300/threaded
CVE, Inc., Red Hat
http://www.securityfocus.com/bid/15304
CVE, Inc., Red Hat
http://www.ubuntulinux.org/usn/usn-214-1
CVE, Inc., Red Hat
http://www.vupen.com/english/advisories/2005/2295
CVE, Inc., Red Hat
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171413
CVE, Inc., Red Hat
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10994
CVE, Inc., Red Hat
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00771.html
CVE, Inc., Red Hat
Weakness Enumeration
CWE-ID
CWE Name
Source
NVD-CWE-Other
Other
NIST
Change History
7 change records found show changes
CVE Modified by CVE 11/20/2024 7:00:50 PM
Action
Type
Old Value
New Value
Added
Reference
http://bugs.gentoo.org/show_bug.cgi?id=109997
Added
Reference
http://scary.beasts.org/security/CESA-2005-007.txt
Added
Reference
http://secunia.com/advisories/17436
Added
Reference
http://secunia.com/advisories/17438
Added
Reference
http://secunia.com/advisories/17442
Added
Reference
http://secunia.com/advisories/17462
Added
Reference
http://secunia.com/advisories/17482
Added
Reference
http://secunia.com/advisories/17488
Added
Reference
http://secunia.com/advisories/17497
Added
Reference
http://secunia.com/advisories/17508
Added
Reference
http://secunia.com/advisories/17559
Added
Reference
http://secunia.com/advisories/34872
Added
Reference
http://secunia.com/advisories/35164
Added
Reference
http://securitytracker.com/id?1015149
Added
Reference
http://sourceforge.net/project/shownotes.php?release_id=364493
Added
Reference
http://www.debian.org/security/2005/dsa-890
Added
Reference
http://www.gentoo.org/security/en/glsa/glsa-200511-03.xml
Added
Reference
http://www.mandriva.com/security/advisories?name=MDKSA-2005:207
Added
Reference
http://www.osvdb.org/20470
Added
Reference
http://www.redhat.com/support/errata/RHSA-2005-828.html
Added
Reference
http://www.redhat.com/support/errata/RHSA-2009-0444.html
Added
Reference
http://www.securityfocus.com/advisories/9636
Added
Reference
http://www.securityfocus.com/advisories/9637
Added
Reference
http://www.securityfocus.com/archive/1/428059/100/0/threaded
Added
Reference
http://www.securityfocus.com/archive/1/428059/30/6300/threaded
Added
Reference
http://www.securityfocus.com/bid/15304
Added
Reference
http://www.ubuntulinux.org/usn/usn-214-1
Added
Reference
http://www.vupen.com/english/advisories/2005/2295
Added
Reference
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171413
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10994
Added
Reference
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00771.html
CVE Modified by Red Hat, Inc. 5/13/2024 9:31:41 PM
Action
Type
Old Value
New Value
CVE Modified by Red Hat, Inc. 2/12/2023 9:15:36 PM
Action
Type
Old Value
New Value
Changed
Description
CVE-2005-2974 giflib/libunfig: NULL pointer dereference crash
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
Removed
Reference
https://access.redhat.com/errata/RHSA-2005:828 [No Types Assigned]
Removed
Reference
https://access.redhat.com/errata/RHSA-2009:0444 [No Types Assigned]
Removed
Reference
https://access.redhat.com/security/cve/CVE-2005-2974 [No Types Assigned]
Removed
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=494826 [No Types Assigned]
CVE Modified by Red Hat, Inc. 2/02/2023 10:15:12 AM
Action
Type
Old Value
New Value
Changed
Description
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
CVE-2005-2974 giflib/libunfig: NULL pointer dereference crash
Added
Reference
https://access.redhat.com/errata/RHSA-2005:828 [No Types Assigned]
Added
Reference
https://access.redhat.com/errata/RHSA-2009:0444 [No Types Assigned]
Added
Reference
https://access.redhat.com/security/cve/CVE-2005-2974 [No Types Assigned]
Added
Reference
https://bugzilla.redhat.com/show_bug.cgi?id=494826 [No Types Assigned]
CVE Modified by Red Hat, Inc. 10/19/2018 11:34:16 AM
Action
Type
Old Value
New Value
Added
Reference
http://www.securityfocus.com/archive/1/428059/100/0/threaded [No Types Assigned]
Added
Reference
http://www.securityfocus.com/archive/1/428059/30/6300/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/428059/100/0/threaded [No Types Assigned]
Removed
Reference
http://www.securityfocus.com/archive/1/archive/1/428059/30/6300/threaded [No Types Assigned]
CVE Modified by Red Hat, Inc. 5/02/2018 9:29:31 PM
Action
Type
Old Value
New Value
Added
Reference
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10994 [No Types Assigned]
Removed
Reference
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10994 [No Types Assigned]
Initial CVE Analysis 11/03/2005 8:02:00 PM
Action
Type
Old Value
New Value
Quick Info
CVE Dictionary Entry: CVE-2005-2974 NVD
Published Date: 11/03/2005 NVD
Last Modified: 04/02/2025
Source: Red Hat, Inc.
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
