Gdlib Security Vulnerabilities and Issues — Gdlib CVE List

Lucene search

Gd Graphics LibraryGdlib

5 matches found

CVE•added 2005/02/09 5:0 a.m.•95 views

CVE-2004-0941

Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function, a different set of vulnerabilities than CVE-2004-0990.

10CVSS8.1AI score0.36679EPSS

CVE•added 2005/03/01 5:0 a.m.•65 views

CVE-2004-0990

Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPng...

10CVSS7.9AI score0.36679EPSS

CVE•added 2007/06/28 6:30 p.m.•60 views

CVE-2007-3475

The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.

4.3CVSS6.1AI score0.11807EPSS

CVE•added 2007/06/28 6:30 p.m.•56 views

CVE-2007-3476

Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault.

4.3CVSS6.1AI score0.05183EPSS

CVE•added 2007/06/28 6:30 p.m.•45 views

CVE-2007-3478

Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support.

4.3CVSS6.3AI score0.1182EPSS