Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-110958
HistoryJan 15, 2019 - 12:00 a.m.

libgd CVE-2019-6978 Double Free Multiple Denial of Service Vulnerabilities

2019-01-1500:00:00
Symantec Security Response
www.symantec.com
45
JSON

Description

libgd is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause a denial-of-service condition. libgd version 2.2.5 is vulnerable; other versions may also be affected.

Technologies Affected

  • LibGD LibGD 2.1.0
  • LibGD LibGD 2.1.1
  • LibGD LibGD 2.2.0
  • LibGD LibGD 2.2.1
  • LibGD LibGD 2.2.3
  • LibGD LibGD 2.2.4
  • LibGD LibGD 2.2.5
  • Redhat CodeReady Linux Builder for ARM 64 8
  • Redhat CodeReady Linux Builder for IBM z Systems 8
  • Redhat CodeReady Linux Builder for Power little endian 8
  • Redhat CodeReady Linux Builder for x86_64 8
  • Redhat Enterprise Linux 5
  • Redhat Enterprise Linux 6
  • Redhat Enterprise Linux 7
  • Redhat Enterprise Linux for ARM 64 8
  • Redhat Enterprise Linux for IBM z Systems 8
  • Redhat Enterprise Linux for Power little endian 8
  • Redhat Enterprise Linux for x86_64 8
  • Ubuntu Ubuntu Linux 14.04 LTS
  • Ubuntu Ubuntu Linux 16.04 LTS
  • Ubuntu Ubuntu Linux 18.04 LTS
  • Ubuntu Ubuntu Linux 18.10

Recommendations

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of a successful exploit.

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from a successful exploit.

Do not accept or execute files from untrusted or unknown sources.
To reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.

Do not follow links provided by unknown or untrusted sources.
To reduce the likelihood of successful exploits, never visit sites of questionable integrity or follow links provided by unfamiliar or untrusted sources.

Updates are available. Please see the references or vendor advisory for more information.

Related

prion 1
fedora 6
nessus 43
veracode 1
almalinux 2
amazon 3
osv 7
openvas 27
debiancve 1
cve 3
alpinelinux 1
mageia 2
oraclelinux 3
redhatcve 1
ubuntucve 1
redhat 4
rocky 2
centos 1
suse 4
debian 3
ibm 2
ubuntu 1
cloudfoundry 1
gentoo 1
slackware 1
photon 2
prion
prion
Double free
2019-01-28 08:29:00
fedora
fedora
[SECURITY] Fedora 28 Update: libwmf-0.2.12-1.fc28
2019-02-10 02:36:40
[SECURITY] Fedora 29 Update: libwmf-0.2.12-1.fc29
2019-02-10 02:34:15
[SECURITY] Fedora 30 Update: gd-2.2.5-9.fc30
2019-11-09 22:40:43
nessus
nessus
Fedora 29 : libwmf (2019-76fbe24cab)
2019-02-11 00:00:00
Rocky Linux 8 : libwmf (RLSA-2019:2722)
2023-11-07 00:00:00
RHEL 7 : libwmf (RHSA-2020:3943)
2020-09-30 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-10-01 03:50:25
almalinux
almalinux
Low: libwmf security update
2019-09-10 15:32:59
Moderate: gd security update
2020-11-03 12:24:40
amazon
amazon
Low: libwmf
2019-03-21 18:35:00
Low: libwmf
2020-10-22 18:24:00
Low: libwmf
2019-03-07 06:01:00
osv
osv
Low: libwmf security update
2019-09-10 15:32:59
CVE-2019-6978
2019-01-28 08:29:00
Low: libwmf security update
2019-09-10 15:32:59
openvas
openvas
Fedora Update for libwmf FEDORA-2019-76fbe24cab
2019-05-07 00:00:00
Mageia: Security Advisory (MGASA-2019-0085)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2019-1715)
2020-01-23 00:00:00
debiancve
debiancve
CVE-2019-6978
2019-01-28 08:29:00
cve
cve
CVE-2019-6978
2019-01-28 08:29:00
CVE-2018-15878
2019-06-20 19:15:00
CVE-2018-15879
2019-06-20 19:15:00
alpinelinux
alpinelinux
CVE-2019-6978
2019-01-28 08:29:00
mageia
mageia
Updated libwmf packages fix security vulnerability
2019-02-14 11:38:16
Updated libgd packages fix security vulnerability
2019-02-13 14:08:25
oraclelinux
oraclelinux
libwmf security update
2019-09-12 00:00:00
libwmf security and bug fix update
2020-10-06 00:00:00
gd security update
2020-11-10 00:00:00
redhatcve
redhatcve
CVE-2019-6978
2020-04-04 05:30:05
ubuntucve
ubuntucve
CVE-2019-6978
2019-01-28 00:00:00
redhat
redhat
(RHSA-2019:2722) Low: libwmf security update
2019-09-10 15:32:59
(RHSA-2020:3943) Low: libwmf security and bug fix update
2020-09-29 07:45:29
(RHSA-2020:4659) Moderate: gd security update
2020-11-03 12:24:40
rocky
rocky
libwmf security update
2019-09-10 15:32:59
gd security update
2020-11-03 12:24:40
centos
centos
libwmf security update
2020-10-20 18:27:09
suse
suse
Security update for gd (moderate)
2019-04-04 00:00:00
Security update for libwmf (important)
2022-05-04 00:00:00
Security update for gd (moderate)
2019-04-05 00:00:00
debian
debian
[SECURITY] [DSA 4384-1] libgd2 security update
2019-02-04 20:58:09
[SECURITY] [DSA 4384-1] libgd2 security update
2019-02-04 20:58:09
[SECURITY] [DLA 1651-1] libgd2 security update
2019-01-30 20:45:03
ibm
ibm
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in PHP (CVE-2019-6977) (CVE-2019-6978)
2020-01-09 18:44:17
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in PHP (CVE-2019-6978, CVE-2019-6977)
2023-12-07 22:45:07
ubuntu
ubuntu
GD vulnerabilities
2019-02-28 00:00:00
cloudfoundry
cloudfoundry
USN-3900-1: GD vulnerabilities | Cloud Foundry
2019-03-07 00:00:00
gentoo
gentoo
GD: Multiple vulnerabilities
2019-03-28 00:00:00
slackware
slackware
[slackware-security] gd
2020-03-23 20:45:50
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0128
2019-02-13 00:00:00
Critical Photon OS Security Update - PHSA-2019-0128
2019-02-13 00:00:00
JSON
Related for SMNTC-110958
prion1fedora6nessus43veracode1almalinux2amazon3osv7openvas27debiancve1cve3alpinelinux1mageia2oraclelinux3redhatcve1ubuntucve1redhat4rocky2centos1suse4debian3ibm2ubuntu1cloudfoundry1gentoo1slackware1photon2