CVE-2016-6207

🗓️ 12 Aug 2016 15:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 174 Views

Integer overflow in _gdContributionsAlloc function in gd_interpolation.c in libgd before 2.2.3 allows remote attackers to cause denial of service

Reporter	Title	Published	Views	Family All 128
FreeBSD	gd -- multiple vulnerabilities	21 Jul 201600:00	–	freebsd
Tenable Nessus	PHP 5.5.x < 5.5.38 / 5.6.x < 5.6.24 / 7.0.x < 7.0.9 Multiple Vulnerabilities	5 Aug 201600:00	–	nessus
Tenable Nessus	Debian DSA-3630-1 : libgd2 - security update	27 Jul 201600:00	–	nessus
Tenable Nessus	Fedora 23 : gd (2016-0de0e0ee0c)	6 Oct 201600:00	–	nessus
Tenable Nessus	Fedora 24 : gd (2016-615f3bf06e)	25 Jul 201600:00	–	nessus
Tenable Nessus	FreeBSD : gd -- multiple vulnerabilities (556d2286-5a51-11e6-a6c3-14dae9d210b8)	5 Aug 201600:00	–	nessus
Tenable Nessus	GLSA-201612-09 : GD: Multiple vulnerabilities	5 Dec 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : gd (openSUSE-2016-1003)	22 Aug 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : gd (openSUSE-2016-1108)	26 Sep 201600:00	–	nessus
Tenable Nessus	openSUSE Security Update : php5 (openSUSE-2016-1156)	5 Oct 201600:00	–	nessus

NVD

Node

libgd libgdRange≤2.2.2

Node

php phpRange5.5.0–5.5.38

php phpRange5.6.0–5.6.24

php phpRange7.0.0–7.0.9

Source	Link
lists	www.lists.opensuse.org/opensuse-updates/2016-09/msg00078.html
security	www.security.gentoo.org/glsa/201612-09
secunia	www.secunia.com/secunia_research/2016-9/
bugs	www.bugs.php.net/bug.php
lists	www.lists.opensuse.org/opensuse-updates/2016-08/msg00086.html
libgd	www.libgd.github.io/release-2.2.3.html
securityfocus	www.securityfocus.com/archive/1/539100/100/0/threaded
debian	www.debian.org/security/2016/dsa-3630
securitytracker	www.securitytracker.com/id/1036535
rhn	www.rhn.redhat.com/errata/RHSA-2016-2750.html

06 May 2026 22:30Current

6.7Medium risk

Vulners AI Score6.7

CVSS 24.3

CVSS 3.16.5

EPSS0.08719