9 matches found
MGASA-2020-0098 Updated libgd packages fix security vulnerability
The updated packages fix a security vulnerability: gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. CVE-2018-14553...
MGASA-2019-0073 Updated libgd packages fix security vulnerability
gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5 has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger calls to the function with crafted image data CVE-2019-6977. The GD Graphics Library aka LibGD 2.2.5 has a double free in th...
Updated libgd packages fix security vulnerabilities
The updated packages fix security vulnerabilities: gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated...
MGASA-2017-0246 Updated php and libgd packages fix security vulnerabilities
Buffer over-read into uninitialized memory in libgd CVE-2017-7890. Security issues from bundled oniguruma in php-mbstring CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229...
MGASA-2016-0421 Updated libgd packages fixe security vulnerabilities
Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service CVE-2016-6911. Emmanuel Law discovered that the GD library...
MGASA-2016-0242 Updated libgd packages fix security vulnerability
Stack overflow with imagefilltoborder CVE-2015-8874. Integer Overflow in gd2GetHeader resulting in heap overflow CVE-2016-5766. Integer Overflow in gdImagePaletteToTrueColor resulting in heap overflow CVE-2016-5767. Improperly handling invalid color index in gdImageCropThreshold could result in...
Updated libgd packages fix CVE-2015-8874
Updated libgd packages fix security vulnerability: It was discovered that there was a stack consumption vulnerability in the libgd2 graphics library which allowed remote attackers to cause a denial of service via a crafted imagefilltoborder call CVE-2015-8874...
Debian DSA-601-1 : libgd - integer overflow
More potential integer overflows have been found in the GD graphics library which weren't covered by our security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine. %NASLMINLEVEL 70300 C Tenable Netwo...
libgd integer overflow
Integer overflow during PNG format parsing...