LibGD CVE-2019-6977 Heap Buffer Overflow Vulnerability

🗓️ 26 Jan 2019 00:00:00Reported by Symantec Security ResponseType

LibGD heap buffer overflow vulnerability CVE-2019-6977. Exploitation leads to arbitrary code execution and denial-of-service. Vulnerable versions include LibGD 2.2.5

Reporter	Title	Published	Views	Family All 150
0day.today	PHP 7.2 - imagecolormatch() Out of Band Heap Write Exploit	9 Apr 201900:00	–	zdt
GithubExploit	Exploit for Out-of-bounds Write in Libgd	5 Mar 201910:25	–	githubexploit
GithubExploit	Exploit for Use After Free in Apache Http_Server	12 May 201910:08	–	githubexploit
IBM Security Bulletins	Security Bulletin: API Connect's Developer Portal is impacted by vulnerabilities in PHP	3 Mar 202002:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2019-6978, CVE-2019-6977)	7 Dec 202322:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in PHP (CVE-2019-6977) (CVE-2019-6978)	9 Jan 202018:44	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0054: gd (ALINUX3-SA-2022:0054)	14 May 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : gd (ALSA-2020:4659)	9 Feb 202200:00	–	nessus
Tenable Nessus	CentOS 8 : gd (CESA-2020:4659)	1 Feb 202100:00	–	nessus
Tenable Nessus	Debian DLA-1651-1 : libgd2 security update	31 Jan 201900:00	–	nessus

Source	Link
gist	www.gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
php	www.php.net/ChangeLog-5.php
bugs	www.bugs.php.net/bug.php
php	www.php.net/ChangeLog-7.php
php	www.php.net/

26 Jan 2019 00:00Current

EPSS0.87883