Lucene search
GoogleOSV:DSA-3215-1HistoryApr 06, 2015 - 12:00 a.m.
libgd2 - security update
2015-04-0600:00:00
Google
osv.dev
18
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.03 Low
EPSS
Percentile
89.6%
Multiple vulnerabilities were discovered in libgd2, a graphics library:
- CVE-2014-2497
The gdImageCreateFromXpm() function would try to dereference a NULL
pointer when reading an XPM file with a special color table. This
could allow remote attackers to cause a denial of service (crash) via
crafted XPM files. - CVE-2014-9709
Importing an invalid GIF file using the gdImageCreateFromGif() function
would cause a read buffer overflow that could allow remote attackers to
cause a denial of service (crash) via crafted GIF files.
For the stable distribution (wheezy), these problems have been fixed in
version 2.0.36~rc1~dfsg-6.1+deb7u1.
For the upcoming stable distribution (jessie), these problems have been
fixed in version 2.1.0-5.
For the unstable distribution (sid), these problems have been fixed in
version 2.1.0-5.
We recommend that you upgrade your libgd2 packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libgd2 | eq | 2.0.36~rc1~dfsg-6.1 |
References
Related
nessus
nessus
Debian DSA-3215-1 : libgd2 - security update
2015-04-08 00:00:00
Debian DLA-189-1 : libgd2 security update
2015-04-09 00:00:00
Mandriva Linux Security Advisory : libgd (MDVSA-2015:153)
2015-03-30 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-07 00:00:00
libgd / PHP security vulnerabilities
2015-04-07 00:00:00
libgd / PHP DoS
2014-07-22 00:00:00
osv
osv
libgd2 - security update
2015-04-08 00:00:00
openvas
openvas
Debian Security Advisory DSA 3215-1 (libgd2 - security update)
2015-04-06 00:00:00
Debian: Security Advisory (DSA-3215-1)
2015-04-05 00:00:00
Debian: Security Advisory (DLA-189-1)
2023-03-08 00:00:00
debian
debian
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
[SECURITY] [DLA 189-1] libgd2 security update
2015-04-08 17:24:39
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
gentoo
gentoo
GD: Multiple vulnerabilities
2016-07-16 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
ubuntu
ubuntu
GD library vulnerabilities
2016-05-31 00:00:00
ubuntucve
ubuntucve
CVE-2014-9709
2015-03-30 00:00:00
CVE-2014-2497
2014-03-21 00:00:00
cloudfoundry
cloudfoundry
USN-2987-1 GD library vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
f5
f5
SOL17127 - PHP vulnerability CVE-2014-9709
2015-08-14 00:00:00
K17127 : PHP vulnerability CVE-2014-9709
2015-08-14 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
cve
cve
CVE-2014-9709
2015-03-30 10:59:00
CVE-2014-2497
2014-03-21 14:55:00
prion
prion
Design/Logic Flaw
2015-03-30 10:59:00
Null pointer dereference
2014-03-21 14:55:00
debiancve
debiancve
CVE-2014-9709
2015-03-30 10:59:00
CVE-2014-2497
2014-03-21 14:55:00
fedora
fedora
[SECURITY] Fedora 20 Update: gd-2.1.0-8.fc20
2015-01-20 21:03:19
[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21
2015-01-19 01:34:38
[SECURITY] Fedora 20 Update: gd-2.1.0-6.fc20
2014-08-15 02:31:57
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:04
Denial Of Service (DoS)
2019-05-02 05:39:23
Sensitive Information Disclosure
2019-05-02 05:39:24
mageia
mageia
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
seebug
seebug
php-gd 'gdxpm.c'空指针拒绝服务漏洞
2014-03-17 00:00:00
PHP "gdImageCreateFromXpm()"空指针间接引用漏洞
2014-03-19 00:00:00
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-07 19:04:42
Security update for php53 (important)
2014-07-04 01:04:18
amazon
amazon
Medium: php55
2014-09-18 21:03:00
Important: php54
2015-04-17 12:04:00
ibm
ibm
Security Bulletin: Vulnerabilities in PHP affect IBM Chassis Management Module (CMM) (CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)
2019-01-31 01:55:01
freebsd
freebsd
Several vulnerabilities found in PHP
2015-04-16 00:00:00
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2015:1053) Moderate: php55 security and bug fix update
2015-06-04 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
php security update
2015-07-09 19:23:41
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
[slackware-security] php
2015-04-22 01:22:40
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
php55 security and bug fix update
2016-02-04 00:00:00
kaspersky
kaspersky
KLA10514 Multiple vulnerabilities in PHP and plugins
2015-03-30 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.03 Low
EPSS
Percentile
89.6%
Related for OSV:DSA-3215-1