CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 1CVE-2015-8877 – gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches
https://notcve.org/view.php?id=CVE-2015-8877
22 May 2016 — The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function. La función gdImageScaleTwoPass en gd_interpolation.c en el GD Graphics Library (también conocido como libgd) en versiones anteriores a 2.2.0, como es utilizado en PHP e... • http://rhn.redhat.com/errata/RHSA-2016-2750.html • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 9.8EPSS: 51%CPEs: 13EXPL: 5CVE-2016-3074 – libgd 2.1.1 - Signedness Heap Overflow
https://notcve.org/view.php?id=CVE-2016-3074
21 Apr 2016 — Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow. Error de entero sin signo en GD Graphics Library 2.1.1 (también conocida como libgd o libgd2) permite a atacantes remotos provocar una denegación de servicio (caída) o potencialmente ejecutar código arbitrario a través de datos gd2 comprimidos manipulados, lo... • https://packetstorm.news/files/id/140537 • CWE-122: Heap-based Buffer Overflow CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 9.8EPSS: 12%CPEs: 12EXPL: 1CVE-2014-9709 – gd: buffer read overflow in gd_gif_in.c
https://notcve.org/view.php?id=CVE-2014-9709
30 Mar 2015 — The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function. La función GetCode_ en gd_gif_in.c en GD 2.1.1 y anteriores, utilizado en PHP anterior a 5.5.21 y 5.6.x anterior a 5.6.5, permite a atacantes remotos causar una denegación de servicio (sobre lectura de buffer y caí... • http://advisories.mageia.org/MGASA-2015-0040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 13EXPL: 0CVE-2009-3546 – gd: insufficient input validation in _gdGetColors()
https://notcve.org/view.php?id=CVE-2009-3546
19 Oct 2009 — The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. La función _gdGetColors en el archivo gd_gd.c en PHP versión 5.2.11 y versiones 5.3.x anteriores a 5.3.1, y G... • http://marc.info/?l=oss-security&m=125562113503923&w=2 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 5%CPEs: 9EXPL: 0CVE-2007-3474 – Mandriva Linux Security Advisory 2007.164
https://notcve.org/view.php?id=CVE-2007-3474
28 Jun 2007 — Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 have unspecified impact and user-assisted remote attack vectors. Múltiples vulnerabilidades no especificadas en GD Graphics Library (libgd) anterior a versión 2.0.35, tienen un impacto no especificado y vectores de ataque remoto asistidos por el usuario. Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a truncated PNG file. An integer overflow has been discovered in... • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2007-3472 – libgd Integer overflow in TrueColor code
https://notcve.org/view.php?id=CVE-2007-3472
28 Jun 2007 — Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact. Un desbordamiento enteros en la función gdImageCreateTrueColor en GD Graphics Library (libgd) anterior a versión 2.0.35 permite a los atacantes remotos asistidos por el usuario tener vectores de ataque no especificados y un impacto. Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a tr... • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 19%CPEs: 1EXPL: 1CVE-2007-3473 – GD Graphics Library 2.0.34 - 'libgd' gdImageCreateXbm Function Unspecified Denial of Service
https://notcve.org/view.php?id=CVE-2007-3473
28 Jun 2007 — The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. La función gdImageCreateXbm en GD Graphics Library (libgd) anterior a 2.0.35 permite a atacantes remotos con la complicidad del usuario provocar una denegación de servicio (caída) mediante vectores no especificados que involucran un fallo en gdImageCreate. Xavier Roche discovered an infinite loop i... • https://www.exploit-db.com/exploits/30251 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 6%CPEs: 9EXPL: 1CVE-2007-3477 – Slackware Security Advisory - libwmf Updates
https://notcve.org/view.php?id=CVE-2007-3477
28 Jun 2007 — The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. Las funciones (a) imagearc y (b) imagefilledarc en GD Graphics Library (libgd) anterior a versión 2.0.35, permiten a los atacantes causar una denegación de servicio (consumo de CPU) por medio de un largo valor (1) de inicio o (2) de grado de ángulo final. Tomas Hoger discovered that the GD library di... • ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/gd-2.0.35-i486-1_slack11.0.tgz • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 6%CPEs: 1EXPL: 0CVE-2007-2756 – gd / php-gd ImageCreateFromPng infinite loop caused by truncated PNG
https://notcve.org/view.php?id=CVE-2007-2756
18 May 2007 — The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng. La función gdPngReadData del libgd 2.0.34 permite a atacantes con la intervención del usuario provocar una denegación de servicio (agotamiento de CPU) a través de imágenes PNG modificadas con datos truncados, lo que provoca un bucle infinito en la función png_read_info del l... • http://bugs.libgd.org/?do=details&task_id=86 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •