10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.132 Low
EPSS
Percentile
95.0%
The gd package contains a graphics library used for the dynamic creation of
images such as PNG and JPEG.
Several buffer overflow flaws were found in the way gd allocates memory.
An attacker could create a carefully crafted image that could execute
arbitrary code if opened by a victim using a program linked against the gd
library. The Common Vulnerabilities and Exposures project (cve.mitre.org)
assigned the name CVE-2004-0941 to these issues.
Users of gd should upgrade to these updated packages, which contain a
backported patch and is not vulnerable to these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | s390x | gd-devel | < 2.0.28-4.4E.1 | gd-devel-2.0.28-4.4E.1.s390x.rpm |
RedHat | any | ppc | gd-progs | < 2.0.28-4.4E.1 | gd-progs-2.0.28-4.4E.1.ppc.rpm |
RedHat | any | i386 | gd | < 2.0.28-4.4E.1 | gd-2.0.28-4.4E.1.i386.rpm |
RedHat | any | s390 | gd-progs | < 2.0.28-4.4E.1 | gd-progs-2.0.28-4.4E.1.s390.rpm |
RedHat | any | ia64 | gd-devel | < 2.0.28-4.4E.1 | gd-devel-2.0.28-4.4E.1.ia64.rpm |
RedHat | any | ia64 | gd | < 2.0.28-4.4E.1 | gd-2.0.28-4.4E.1.ia64.rpm |
RedHat | any | s390 | gd | < 2.0.28-4.4E.1 | gd-2.0.28-4.4E.1.s390.rpm |
RedHat | any | src | gd | < 2.0.28-4.4E.1 | gd-2.0.28-4.4E.1.src.rpm |
RedHat | any | x86_64 | gd-progs | < 2.0.28-4.4E.1 | gd-progs-2.0.28-4.4E.1.x86_64.rpm |
RedHat | any | s390 | gd-devel | < 2.0.28-4.4E.1 | gd-devel-2.0.28-4.4E.1.s390.rpm |