Lucene search
K

231 matches found

OSV
OSV
added 2018/01/19 12:0 a.m.29 views

DLA-1248-1 libgd2 - security update

Bulletin has no description...

5.5CVSS6.6AI score0.13204EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/01/19 12:0 a.m.39 views

Debian DLA-1248-1 : libgd2 security update

It was discovered that there was a denial of service attack in the libgd2 image library. A corrupt file could have exploited a signedness confusion leading to an infinite loop. For Debian 7 'Wheezy', this issue has been fixed in libgd2 version 2.0.36rc1dfsg-6.1+deb7u11. We recommend that you...

5.5CVSS6.5AI score0.13204EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2018/01/16 12:0 a.m.49 views

CVE-2018-5711

gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...

5.5CVSS6.8AI score0.13204EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2018/01/12 12:0 a.m.6 views

The vulnerability of the GIF-decoding function `gdImageCreateFromGifCtx` in the `libgd2` library for creating and working with programmable graphics allows a perpetrator to compromise confidential information.

The vulnerability of the GIF-decoding function gdImageCreateFromGifCtx gdgifin.c in the library for creating and working with programmable graphics, libgd2, is related to the lack of cleanup of allocated color buffer spaces before their use. Exploiting this vulnerability could allow an attacker t...

6.5CVSS7.2AI score0.03418EPSS
Exploits0References10Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/09/25 12:0 a.m.28 views

Debian DLA-1106-1 : libgd2 security update

A double-free vulnerability was discovered in the gdImagePngPtr function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a specially crafted file is processed. For Debian 7 'Wheezy',...

7.5CVSS7.7AI score0.05102EPSS
Exploits0References3
Debian
Debian
added 2017/09/22 4:26 p.m.45 views

[SECURITY] [DLA 1106-1] libgd2 security update

Package : libgd2 Version : 2.0.36rc1dfsg-6.1+deb7u10 CVE ID : CVE-2017-6362 A double-free vulnerability was discovered in the gdImagePngPtr function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of...

7.5CVSS8.3AI score0.05102EPSS
Exploits0
OSV
OSV
added 2017/09/22 12:0 a.m.26 views

DLA-1106-1 libgd2 - security update

Bulletin has no description...

7.5CVSS7.5AI score0.05102EPSS
Exploits0
Mageia
Mageia
added 2017/09/21 1:43 p.m.31 views

Updated libwmf packages fix security vulnerability

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. CVE-2017-6362...

7.5CVSS5.2AI score0.05102EPSS
Exploits0References3
OSV
OSV
added 2017/09/21 1:43 p.m.10 views

MGASA-2017-0351 Updated libwmf packages fix security vulnerability

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors. CVE-2017-6362...

7.5CVSS7.3AI score0.05102EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2017/09/08 1:30 p.m.25 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS4.8AI score0.05102EPSS
Exploits0References1
Prion
Prion
added 2017/09/07 1:29 p.m.18 views

Double free

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

5CVSS7AI score0.05102EPSS
Exploits0References4Affected Software4
NVD
NVD
added 2017/09/07 1:29 p.m.17 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS7.2AI score0.05102EPSS
Exploits0References4
OSV
OSV
added 2017/09/07 1:29 p.m.3 views

ALPINE-CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS6.8AI score0.05102EPSS
Exploits0References1
OSV
OSV
added 2017/09/07 1:29 p.m.25 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS7.2AI score
Exploits0References4
Cvelist
Cvelist
added 2017/09/07 1:0 p.m.30 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.2AI score0.05102EPSS
Exploits0References4
CVE
CVE
added 2017/09/07 1:0 p.m.192 views

CVE-2017-6362

CVE-2017-6362 is a double-free in libgd2’s gdImagePngPtr() prior to 2.2.5, enabling remote denial of service via vectors related to a palette with no colors. Debs/Mageia advisories report the fix to libgd2 2.2.5; some sources note potential arbitrary code execution on crafted input. No exploit de...

7.5CVSS7.1AI score0.05102EPSS
Exploits0References4Affected Software1
AlpineLinux
AlpineLinux
added 2017/09/07 1:0 p.m.49 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS7.3AI score0.05102EPSS
Exploits0
Debian CVE
Debian CVE
added 2017/09/07 1:0 p.m.41 views

CVE-2017-6362

Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors...

7.5CVSS7.5AI score0.05102EPSS
Exploits0
OSV
OSV
added 2017/09/05 3:51 p.m.3 views

USN-3410-1 libgd2 vulnerability

It was discovered that the GD Graphics Library aka libgd incorrectly handled certain malformed PNG images. A remote attacker could use this issue to cause the GD Graphics Library to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.3AI score0.05102EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.25 views

Debian DSA-3961-1 : libgd2 - security update

A double-free vulnerability was discovered in the gdImagePngPtr function in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a specially crafted file is processed. %NASLMINLEVEL 70300 C...

7.5CVSS7.7AI score0.05102EPSS
Exploits0References4
Rows per page
Query Builder