Lucene search
Ubuntu.comUB:CVE-2014-2497HistoryMar 21, 2014 - 12:00 a.m.
CVE-2014-2497
2014-03-2100:00:00
ubuntu.com
ubuntu.com
9
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.01 Low
EPSS
Percentile
83.5%
The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP
5.4.26 and earlier, allows remote attackers to cause a denial of service
(NULL pointer dereference and application crash) via a crafted color table
in an XPM file.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | php5 uses the system libgd2 php5 in quantal and earlier arenβt built with xpm support |
Related
securityvulns
securityvulns
libgd / PHP DoS
2014-07-22 00:00:00
[ MDVSA-2014:133 ] gd
2014-07-22 00:00:00
libgd / PHP security vulnerabilities
2015-04-07 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0288)
2022-01-28 00:00:00
Fedora Update for gd FEDORA-2015-0432
2015-01-19 00:00:00
Fedora Update for gd FEDORA-2015-0503
2015-01-21 00:00:00
cvelist
cvelist
CVE-2014-2497
2014-03-21 14:00:00
nessus
nessus
Fedora 20 : gd-2.1.0-8.fc20 (2015-0503)
2015-01-21 00:00:00
Fedora 21 : gd-2.1.0-8.fc21 (2015-0432)
2015-01-20 00:00:00
Mandriva Linux Security Advisory : gd (MDVSA-2014:133)
2014-07-11 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: gd-2.1.0-8.fc21
2015-01-19 01:34:38
[SECURITY] Fedora 20 Update: gd-2.1.0-8.fc20
2015-01-20 21:03:19
[SECURITY] Fedora 20 Update: gd-2.1.0-6.fc20
2014-08-15 02:31:57
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:04
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
mageia
mageia
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
Updated php packages fix multiple vulnerabilities
2014-07-09 02:29:20
prion
prion
Null pointer dereference
2014-03-21 14:55:00
nvd
nvd
CVE-2014-2497
2014-03-21 14:55:12
seebug
seebug
PHP "gdImageCreateFromXpm()"η©Ίζιι΄ζ₯εΌη¨ζΌζ΄
2014-03-19 00:00:00
php-gd 'gdxpm.c'η©Ίζιζη»ζε‘ζΌζ΄
2014-03-17 00:00:00
cve
cve
CVE-2014-2497
2014-03-21 14:55:12
debiancve
debiancve
CVE-2014-2497
2014-03-21 14:55:12
debian
debian
[SECURITY] [DLA 189-1] libgd2 security update
2015-04-08 17:24:39
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
[SECURITY] [DSA 3215-1] libgd2 security update
2015-04-06 18:33:02
osv
osv
libgd2 - security update
2015-04-06 00:00:00
libgd2 - security update
2015-04-08 00:00:00
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-07 19:04:42
Security update for php53 (important)
2014-07-04 01:04:18
gentoo
gentoo
GD: Multiple vulnerabilities
2016-07-16 00:00:00
PHP: Multiple vulnerabilities
2014-08-29 00:00:00
amazon
amazon
Medium: php55
2014-09-18 21:03:00
ibm
ibm
Security Bulletin: Vulnerabilities in php5 affect IBM Flex System Manager (FSM): (CVE-2013-4248 CVE-2013-6420 CVE-2014-2497 CVE-2014-4049)
2019-01-31 01:30:01
cloudfoundry
cloudfoundry
USN-2987-1 GD library vulnerabilities | Cloud Foundry
2016-06-13 00:00:00
ubuntu
ubuntu
GD library vulnerabilities
2016-05-31 00:00:00
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
f5
f5
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
php security and bug fix update
2015-06-23 00:00:00
hackerone
hackerone
Yahoo!: Out of date version
2014-03-30 08:47:50
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.01 Low
EPSS
Percentile
83.5%
Related for UB:CVE-2014-2497