[SECURITY] Fedora 27 Update: gd-2.2.5-1.fc27

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

UBUNTU-CVE-2017-14929

In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls aka a Gfx.cc infinite loop, a different vulnerability than...

Mozilla: Buffer overflow when drawing and validating elements with ANGLE (MFSA 2017-22)

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR...

CVE-2017-7824

A buffer overflow occurs when drawing and validating elements with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. This vulnerability affects Firefox 56, Firefox ESR...

Security vulnerabilities fixed in Firefox 56 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A spoofing vulnerability can occur when a page switches to fullscreen mode without user notification, allowing a fake addre...

Security vulnerabilities fixed in Firefox ESR 52.4 — Mozilla

A use-after-free vulnerability can occur in the Fetch API when the worker or the associated window are freed when still in use, resulting in a potentially exploitable crash. A use-after-free vulnerability can occur when manipulating arrays of Accessible Rich Internet Applications ARIA elements...

Tenable SecurityCenter PHP < 5.6.31 Multiple Vulnerabilities (TNS-2017-12

The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of PHP : - An out-of-bounds read error exists in the PCRE library in the compilebracketmatchingpath function within file...

Google Chrome heap buffer overflow vulnerability (CNVD-2017-31821)

Google Chrome is an open source web browser. Google Chrome WebGL suffers from a heap buffer overflow vulnerability that allows remote attackers to exploit the vulnerability by submitting a special WEB page, tricking the user into parsing it, and executing arbitrary code...

DEBIAN-CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

USN-3410-2: GD library vulnerability

USN-3410-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the GD Graphics Library aka libgd incorrectly handled certain malformed PNG images. A remote attacker could use this issue...

USN-3410-1: GD library vulnerability

It was discovered that the GD Graphics Library aka libgd incorrectly handled certain malformed PNG images. A remote attacker could use this issue to cause the GD Graphics Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

[SECURITY] Fedora 26 Update: gd-2.2.5-1.fc26

The gd graphics library allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and to write out the result as a PNG or JPEG file. This is particularly useful in Web applications, where PNG and JPEG are two of the...

UBUNTU-CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

UBUNTU-CVE-2017-13648

In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c...

USN-3389-2: GD vulnerability

USN-3389-1 fixed a vulnerability in GD Graphics Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: A vulnerability was discovered in GD Graphics Library aka libgd, as used in PHP that does not zero colorMap arrays before use. A specially crafte...

USN-3389-1 libgd2 vulnerability

A vulnerability was discovered in GD Graphics Library aka libgd, as used in PHP that does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read bytes from the top of the stack...

USN-3389-1: GD vulnerability

A vulnerability was discovered in GD Graphics Library aka libgd, as used in PHP that does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read bytes from the top of the stack...

Juniper Issues Security Alert Tied to Routers and Switches

Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS. The alert was in conjunction with a warning from the U.S. Computer Emergency Readiness Team...

ALPINE-CVE-2017-7890

The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read 700 bytes from the top of the...

DEBIAN-CVE-2017-7890

The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read 700 bytes from the top of the...