CVE-2016-10166 – gd: Unsigned integer underflow _gdContributionsAlloc()
https://notcve.org/view.php?id=CVE-2016-10166
Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. Desbordamiento inferior de entero en la función _gdContributionsAlloc en gd_interpolation.c en la GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos tener un impacto no especificado a través de vectores relacionados con el decremento de la variable u. • http://libgd.github.io/release-2.2.4.html http://www.debian.org/security/2017/dsa-3777 http://www.openwall.com/lists/oss-security/2017/01/26/1 http://www.openwall.com/lists/oss-security/2017/01/28/6 http://www.securityfocus.com/bid/95869 https://access.redhat.com/errata/RHSA-2019:2519 https://access.redhat.com/errata/RHSA-2019:3299 https://github.com/libgd/libgd/commit/60bfb401ad5a4a8ae995dcd36372fe15c71e1a35 https://access.redhat.com/security/cve/CVE-2016-10166 https& • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2016-6906
https://notcve.org/view.php?id=CVE-2016-6906
The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer. La función read_image_tga en gd_tga.c en la GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo TGA manipulado, relacionado con el búfer de descompresión. • http://www.debian.org/security/2017/dsa-3777 http://www.securityfocus.com/bid/96503 https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md https://github.com/libgd/libgd/commit/58b6dde319c301b0eae27d12e2a659e067d80558 https://github.com/libgd/libgd/commit/fb0e0cce0b9f25389ab56604c3547351617e1415 • CWE-125: Out-of-bounds Read •
CVE-2016-10167 – gd: DoS vulnerability in gdImageCreateFromGd2Ctx()
https://notcve.org/view.php?id=CVE-2016-10167
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file. La función gdImageCreateFromGd2Ctx en gd_gd2.c en la GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de un archivo de imagen manipulado. A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd to crash, leading to denial of service. • http://libgd.github.io/release-2.2.4.html http://www.debian.org/security/2017/dsa-3777 http://www.openwall.com/lists/oss-security/2017/01/26/1 http://www.openwall.com/lists/oss-security/2017/01/28/6 http://www.securityfocus.com/bid/95869 http://www.securitytracker.com/id/1037659 https://access.redhat.com/errata/RHSA-2017:3221 https://access.redhat.com/errata/RHSA-2018:1296 https://github.com/libgd/libgd/commit/fe9ed49dafa993e3af96b6a5a589efeea9bfb36f https://www.t • CWE-20: Improper Input Validation •
CVE-2016-10168 – gd: Integer overflow in gd_io.c
https://notcve.org/view.php?id=CVE-2016-10168
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. Desbordamiento de entero en gd_io.c en la GD Graphics Library (también conocida como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos tener un impacto no especificado a través de vectores que implican el número de trozos horizontales y verticales en una imagen. An integer overflow flaw, leading to a heap-based buffer overflow was found in the way libgd read some specially-crafted gd2 files. A remote attacker could use this flaw to crash an application compiled with libgd or in certain cases execute arbitrary code with the privileges of the user running that application. • http://libgd.github.io/release-2.2.4.html http://www.debian.org/security/2017/dsa-3777 http://www.openwall.com/lists/oss-security/2017/01/26/1 http://www.openwall.com/lists/oss-security/2017/01/28/6 http://www.securityfocus.com/bid/95869 http://www.securitytracker.com/id/1037659 https://access.redhat.com/errata/RHSA-2017:3221 https://access.redhat.com/errata/RHSA-2018:1296 https://github.com/libgd/libgd/commit/69d2fd2c597ffc0c217de1238b9bf4d4bceba8e6 https://github • CWE-190: Integer Overflow or Wraparound •
CVE-2016-9317
https://notcve.org/view.php?id=CVE-2016-9317
The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image. La función gdImageCreate en GD Graphics Library (librería también conocida como libgd) en versiones anteriores a 2.2.4 permite a atacantes remotos provocar una denegación de servicio (cuelgue del sistema) a través de una imagen sobredimensionada. • http://www.debian.org/security/2017/dsa-3777 http://www.securityfocus.com/bid/95841 https://github.com/libgd/libgd/blob/gd-2.2.4/CHANGELOG.md https://github.com/libgd/libgd/commit/1846f48e5fcdde996e7c27a4bbac5d0aef183e4b • CWE-20: Improper Input Validation •