
1244 matches found

securityvulns
added 2009/10/20 12:0 a.m. | 114 views

[ MDVSA-2009:284 ] gd

Mandriva Linux Security Advisory MDVSA-2009:284 http://www.mandriva.com/security/ Package: gd Date: October 20, 2009 Affected: 2009.0, 2009.1, Corporate 3.0, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 Problem Description: A...

CVSS 9.3 | AI score 6.9 | EPSS 0.04663
Exploits: 1
Prion
added 2009/10/19 8:0 p.m. | 21 views

Buffer overflow

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

CVSS 9.3 | AI score 7.1 | EPSS 0.04663
Exploits: 1 | References: 12 | Affected Software: 2
OSV
added 2009/10/19 8:0 p.m. | 6 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

AI score 7.1
Exploits: 0 | References: 13
NVD
added 2009/10/19 8:0 p.m. | 15 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

CVSS 9.3 | AI score 7 | EPSS 0.04663
Exploits: 1 | References: 12
CVE
added 2009/10/19 7:27 p.m. | 129 views

CVE-2009-3546

CVE-2009-3546 affects PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x. The _gdGetColors function in gd_gd.c does not properly verify a colorsTotal structure member, which might allow remote attackers to perform buffer overflow or buffer over-read via a crafted GD file. This is ...

CVSS 9.3 | AI score 7 | EPSS 0.04663
Exploits: 1 | References: 12 | Affected Software: 1
Cvelist
added 2009/10/19 7:27 p.m. | 21 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

AI score 6.9 | EPSS 0.04663
Exploits: 1 | References: 12
UbuntuCve
added 2009/10/19 12:0 a.m. | 24 views

CVE-2009-3546

The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

CVSS 9.3 | AI score 7.1 | EPSS 0.04663
Exploits: 1 | References: 2
FreeBSD
added 2009/10/15 12:0 a.m. | 40 views

gd -- '_gdGetColors' remote buffer overflow vulnerability

CVE reports: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different...

CVSS 9.3 | AI score 7.3 | EPSS 0.04663
Exploits: 1 | References: 2
Fedora
added 2009/08/12 8:53 p.m. | 24 views

[SECURITY] Fedora 11 Update: ocaml-camlimages-3.0.1-7.fc11.2

CamlImages is an image processing library for Objective CAML, which provides: basic functions for image processing and loading/saving, various image file formats hence providing a translation facility from format to format, and an interface with the Caml graphics library allows to display images...

CVSS 7.5 | AI score 0.7 | EPSS 0.01223
Exploits: 0
OpenVAS
added 2009/05/05 12:0 a.m. | 28 views

RedHat Security Advisory RHSA-2009:0457

The remote host is missing updates announced in advisory RHSA-2009:0457. libwmf is a library for reading and converting Windows Metafile Format WMF vector graphics. libwmf is used by applications such as GIMP and ImageMagick. A pointer use-after-free flaw was found in the GD graphics library...

CVSS 7.5 | AI score 6.5 | EPSS 0.03145
Exploits: 0 | References: 2
Cent OS
added 2009/05/03 12:26 p.m. | 84 views

libwmf security update

CentOS Errata and Security Advisory CESA-2009:0457 Updated libwmf packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libwmf is a library for reading and...

CVSS 7.5 | AI score 6.2 | EPSS 0.03145
Exploits: 0 | References: 8
OSV
added 2009/05/01 5:30 p.m. | 1 views

DEBIAN-CVE-2009-1364

Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted WMF file...

CVSS 7.5 | AI score 9.3 | EPSS 0.03145
Exploits: 0 | References: 1
Tenable Nessus
added 2009/05/01 12:0 a.m. | 27 views

RHEL 4 / 5 : libwmf (RHSA-2009:0457)

Updated libwmf packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libwmf is a library for reading and converting Windows Metafile Format WMF vector...

CVSS 7.5 | AI score 6.6 | EPSS 0.03145
Exploits: 0 | References: 3
RedHat Linux
added 2009/04/30 8:24 p.m. | 30 views

Moderate: Red Hat Security Advisory: libwmf security update

Updated libwmf packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. libwmf is a library for reading and converting Windows Metafile Format WMF vector...

CVSS 7.5 | AI score 6.2 | EPSS 0.03145
Exploits: 0 | References: 2
RedHat Linux
added 2009/04/23 6:44 p.m. | 2 views

OpenJDK Buffer overflow in image processing (6726779)

Buffer overflow in Java Runtime Environment JRE for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.218 and earlier; and SDK and JRE 1.3.123 and earlier might allow remote attackers to execute arbitrary code, related to a ConvolveOp operation in the...

CVSS 9.3 | AI score 7.5 | EPSS 0.35129
Exploits: 1 | References: 4
RedHat Linux
added 2009/04/14 5:14 p.m. | 2 views

php: libgd imagerotate() array index error memory disclosure

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument aka the bgdcolor or clrBack argument for an indexed image...

CVSS 5 | AI score 7.2 | EPSS 0.10269
Exploits: 7 | References: 4
RedHat Linux
added 2009/04/14 5:14 p.m. | 3 views

php: buffer overflow in the imageloadfont function in gd extension

Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted font file...

CVSS 7.5 | AI score 7.5 | EPSS 0.12532
Exploits: 1 | References: 4
OpenVAS
added 2009/04/09 12:0 a.m. | 38 views

Mandriva Update for php MDKSA-2007:038 (php)

Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:038 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

CVSS 7.5 | EPSS 0.0427
Exploits: 1 | References: 2
OpenVAS
added 2009/04/09 12:0 a.m. | 29 views

Mandriva Update for libwmf MDKSA-2007:036 (libwmf)

Check for the Version of libwmf OpenVAS Vulnerability Test Mandriva Update for libwmf MDKSA-2007:036 libwmf Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CVSS 7.5 | AI score 0.4 | EPSS 0.0427
Exploits: 0 | References: 2
OpenVAS
added 2009/04/09 12:0 a.m. | 37 views

Mandriva Update for gd MDKSA-2007:153 (gd)

Check for the Version of gd OpenVAS Vulnerability Test Mandriva Update for gd MDKSA-2007:153 gd Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CVSS 5 | AI score 6.8 | EPSS 0.14445
Exploits: 1 | References: 2