ByteOS Network

Vulnerability Details :

CVE-2007-2756

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-18 May, 2007 | 18:00

Updated At-07 Aug, 2024 | 13:49

The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:18 May, 2007 | 18:00

Updated At:07 Aug, 2024 | 13:49

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://secunia.com/advisories/26231	third-party-advisory x_refsource_SECUNIA
http://osvdb.org/36643	vdb-entry x_refsource_OSVDB
http://www.securitytracker.com/id?1018187	vdb-entry x_refsource_SECTRACK
http://secunia.com/advisories/29157	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25658	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27110	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25590	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/26048	third-party-advisory x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/34420	vdb-entry x_refsource_XF
http://secunia.com/advisories/25362	third-party-advisory x_refsource_SECUNIA
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html	vendor-advisory x_refsource_OPENPKG
http://secunia.com/advisories/25657	third-party-advisory x_refsource_SECUNIA
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html	vendor-advisory x_refsource_FEDORA
http://secunia.com/advisories/25855	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/26967	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:122	vendor-advisory x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/2016	vdb-entry x_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200805-13.xml	vendor-advisory x_refsource_GENTOO
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	vendor-advisory x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDKSA-2007:123	vendor-advisory x_refsource_MANDRIVA
http://www.securityfocus.com/bid/24089	vdb-entry x_refsource_BID
http://www.libgd.org/ReleaseNote020035	x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-200708-05.xml	vendor-advisory x_refsource_GENTOO
http://secunia.com/advisories/30168	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:124	vendor-advisory x_refsource_MANDRIVA
http://www.vupen.com/english/advisories/2007/1904	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/26930	third-party-advisory x_refsource_SECUNIA
http://osvdb.org/35788	vdb-entry x_refsource_OSVDB
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html	vendor-advisory x_refsource_FEDORA
http://www.vupen.com/english/advisories/2007/2336	vdb-entry x_refsource_VUPEN
http://rhn.redhat.com/errata/RHSA-2007-0889.html	vendor-advisory x_refsource_REDHAT
http://www.trustix.org/errata/2007/0023/	vendor-advisory x_refsource_TRUSTIX
http://secunia.com/advisories/25353	third-party-advisory x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/3386	vdb-entry x_refsource_VUPEN
http://bugs.libgd.org/?do=details&task_id=86	x_refsource_CONFIRM
http://www.trustix.org/errata/2007/0019/	vendor-advisory x_refsource_TRUSTIX
http://secunia.com/advisories/27037	third-party-advisory x_refsource_SECUNIA
http://www.novell.com/linux/security/advisories/2007_13_sr.html	vendor-advisory x_refsource_SUSE
http://secunia.com/advisories/25378	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/27545	third-party-advisory x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200711-34.xml	vendor-advisory x_refsource_GENTOO
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm	x_refsource_CONFIRM
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863	vendor-advisory x_refsource_SLACKWARE
http://secunia.com/advisories/25646	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2008-0146.html	vendor-advisory x_refsource_REDHAT
http://www.php.net/releases/5_2_3.php	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP
https://issues.rpath.com/browse/RPL-1394	x_refsource_CONFIRM
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP
http://secunia.com/advisories/25535	third-party-advisory x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187	vendor-advisory x_refsource_MANDRIVA
http://secunia.com/advisories/27102	third-party-advisory x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779	vdb-entry signature x_refsource_OVAL
http://secunia.com/advisories/26895	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25787	third-party-advisory x_refsource_SECUNIA
http://secunia.com/advisories/25575	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0890.html	vendor-advisory x_refsource_REDHAT
http://www.vupen.com/english/advisories/2007/1905	vdb-entry x_refsource_VUPEN
http://secunia.com/advisories/26390	third-party-advisory x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2007-0891.html	vendor-advisory x_refsource_REDHAT
http://www.ubuntu.com/usn/usn-473-1	vendor-advisory x_refsource_UBUNTU
http://secunia.com/advisories/26871	third-party-advisory x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html	vendor-advisory x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/26231

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://osvdb.org/36643

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: http://www.securitytracker.com/id?1018187

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://secunia.com/advisories/29157

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/25658

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/27110

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/25590

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/26048

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34420

Resource:

vdb-entry

x_refsource_XF

Hyperlink: http://secunia.com/advisories/25362

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html

Resource:

vendor-advisory

x_refsource_OPENPKG

Hyperlink: http://secunia.com/advisories/25657

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://secunia.com/advisories/25855

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/26967

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:122

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.vupen.com/english/advisories/2007/2016

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:123

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.securityfocus.com/bid/24089

Resource:

vdb-entry

x_refsource_BID

Hyperlink: http://www.libgd.org/ReleaseNote020035

Resource:

x_refsource_CONFIRM

Hyperlink: http://security.gentoo.org/glsa/glsa-200708-05.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://secunia.com/advisories/30168

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:124

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://www.vupen.com/english/advisories/2007/1904

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/26930

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://osvdb.org/35788

Resource:

vdb-entry

x_refsource_OSVDB

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html

Resource:

vendor-advisory

x_refsource_FEDORA

Hyperlink: http://www.vupen.com/english/advisories/2007/2336

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://rhn.redhat.com/errata/RHSA-2007-0889.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.trustix.org/errata/2007/0023/

Resource:

vendor-advisory

x_refsource_TRUSTIX

Hyperlink: http://secunia.com/advisories/25353

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.vupen.com/english/advisories/2007/3386

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://bugs.libgd.org/?do=details&task_id=86

Resource:

x_refsource_CONFIRM

Hyperlink: http://www.trustix.org/errata/2007/0019/

Resource:

vendor-advisory

x_refsource_TRUSTIX

Hyperlink: http://secunia.com/advisories/27037

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

Hyperlink: http://secunia.com/advisories/25378

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/27545

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Resource:

vendor-advisory

x_refsource_GENTOO

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm

Resource:

x_refsource_CONFIRM

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863

Resource:

vendor-advisory

x_refsource_SLACKWARE

Hyperlink: http://secunia.com/advisories/25646

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0146.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.php.net/releases/5_2_3.php

Resource:

x_refsource_CONFIRM

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: https://issues.rpath.com/browse/RPL-1394

Resource:

x_refsource_CONFIRM

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

Hyperlink: http://secunia.com/advisories/25535

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:187

Resource:

vendor-advisory

x_refsource_MANDRIVA

Hyperlink: http://secunia.com/advisories/27102

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779

Resource:

vdb-entry

signature

x_refsource_OVAL

Hyperlink: http://secunia.com/advisories/26895

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/25787

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://secunia.com/advisories/25575

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0890.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.vupen.com/english/advisories/2007/1905

Resource:

vdb-entry

x_refsource_VUPEN

Hyperlink: http://secunia.com/advisories/26390

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0891.html

Resource:

vendor-advisory

x_refsource_REDHAT

Hyperlink: http://www.ubuntu.com/usn/usn-473-1

Resource:

vendor-advisory

x_refsource_UBUNTU

Hyperlink: http://secunia.com/advisories/26871

Resource:

third-party-advisory

x_refsource_SECUNIA

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://secunia.com/advisories/26231	third-party-advisory x_refsource_SECUNIA x_transferred
http://osvdb.org/36643	vdb-entry x_refsource_OSVDB x_transferred
http://www.securitytracker.com/id?1018187	vdb-entry x_refsource_SECTRACK x_transferred
http://secunia.com/advisories/29157	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/25658	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/27110	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/25590	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/26048	third-party-advisory x_refsource_SECUNIA x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/34420	vdb-entry x_refsource_XF x_transferred
http://secunia.com/advisories/25362	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html	vendor-advisory x_refsource_OPENPKG x_transferred
http://secunia.com/advisories/25657	third-party-advisory x_refsource_SECUNIA x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html	vendor-advisory x_refsource_FEDORA x_transferred
http://secunia.com/advisories/25855	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/26967	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:122	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.vupen.com/english/advisories/2007/2016	vdb-entry x_refsource_VUPEN x_transferred
http://security.gentoo.org/glsa/glsa-200805-13.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:123	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.securityfocus.com/bid/24089	vdb-entry x_refsource_BID x_transferred
http://www.libgd.org/ReleaseNote020035	x_refsource_CONFIRM x_transferred
http://security.gentoo.org/glsa/glsa-200708-05.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://secunia.com/advisories/30168	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:124	vendor-advisory x_refsource_MANDRIVA x_transferred
http://www.vupen.com/english/advisories/2007/1904	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/26930	third-party-advisory x_refsource_SECUNIA x_transferred
http://osvdb.org/35788	vdb-entry x_refsource_OSVDB x_transferred
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html	vendor-advisory x_refsource_FEDORA x_transferred
http://www.vupen.com/english/advisories/2007/2336	vdb-entry x_refsource_VUPEN x_transferred
http://rhn.redhat.com/errata/RHSA-2007-0889.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.trustix.org/errata/2007/0023/	vendor-advisory x_refsource_TRUSTIX x_transferred
http://secunia.com/advisories/25353	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.vupen.com/english/advisories/2007/3386	vdb-entry x_refsource_VUPEN x_transferred
http://bugs.libgd.org/?do=details&task_id=86	x_refsource_CONFIRM x_transferred
http://www.trustix.org/errata/2007/0019/	vendor-advisory x_refsource_TRUSTIX x_transferred
http://secunia.com/advisories/27037	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.novell.com/linux/security/advisories/2007_13_sr.html	vendor-advisory x_refsource_SUSE x_transferred
http://secunia.com/advisories/25378	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/27545	third-party-advisory x_refsource_SECUNIA x_transferred
http://security.gentoo.org/glsa/glsa-200711-34.xml	vendor-advisory x_refsource_GENTOO x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm	x_refsource_CONFIRM x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863	vendor-advisory x_refsource_SLACKWARE x_transferred
http://secunia.com/advisories/25646	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0146.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.php.net/releases/5_2_3.php	x_refsource_CONFIRM x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP x_transferred
https://issues.rpath.com/browse/RPL-1394	x_refsource_CONFIRM x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	vendor-advisory x_refsource_HP x_transferred
http://secunia.com/advisories/25535	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187	vendor-advisory x_refsource_MANDRIVA x_transferred
http://secunia.com/advisories/27102	third-party-advisory x_refsource_SECUNIA x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779	vdb-entry signature x_refsource_OVAL x_transferred
http://secunia.com/advisories/26895	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/25787	third-party-advisory x_refsource_SECUNIA x_transferred
http://secunia.com/advisories/25575	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0890.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.vupen.com/english/advisories/2007/1905	vdb-entry x_refsource_VUPEN x_transferred
http://secunia.com/advisories/26390	third-party-advisory x_refsource_SECUNIA x_transferred
http://www.redhat.com/support/errata/RHSA-2007-0891.html	vendor-advisory x_refsource_REDHAT x_transferred
http://www.ubuntu.com/usn/usn-473-1	vendor-advisory x_refsource_UBUNTU x_transferred
http://secunia.com/advisories/26871	third-party-advisory x_refsource_SECUNIA x_transferred
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html	vendor-advisory x_refsource_SUSE x_transferred

Hyperlink: http://secunia.com/advisories/26231

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://osvdb.org/36643

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: http://www.securitytracker.com/id?1018187

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://secunia.com/advisories/29157

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/25658

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/27110

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/25590

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/26048

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34420

Resource:

vdb-entry

x_refsource_XF

x_transferred

Hyperlink: http://secunia.com/advisories/25362

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html

Resource:

vendor-advisory

x_refsource_OPENPKG

x_transferred

Hyperlink: http://secunia.com/advisories/25657

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://secunia.com/advisories/25855

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/26967

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:122

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/2016

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:123

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.securityfocus.com/bid/24089

Resource:

vdb-entry

x_refsource_BID

x_transferred

Hyperlink: http://www.libgd.org/ReleaseNote020035

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200708-05.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://secunia.com/advisories/30168

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:124

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/1904

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/26930

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://osvdb.org/35788

Resource:

vdb-entry

x_refsource_OSVDB

x_transferred

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html

Resource:

vendor-advisory

x_refsource_FEDORA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/2336

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://rhn.redhat.com/errata/RHSA-2007-0889.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.trustix.org/errata/2007/0023/

Resource:

vendor-advisory

x_refsource_TRUSTIX

x_transferred

Hyperlink: http://secunia.com/advisories/25353

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/3386

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://bugs.libgd.org/?do=details&task_id=86

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://www.trustix.org/errata/2007/0019/

Resource:

vendor-advisory

x_refsource_TRUSTIX

x_transferred

Hyperlink: http://secunia.com/advisories/27037

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

Hyperlink: http://secunia.com/advisories/25378

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/27545

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Resource:

vendor-advisory

x_refsource_GENTOO

x_transferred

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863

Resource:

vendor-advisory

x_refsource_SLACKWARE

x_transferred

Hyperlink: http://secunia.com/advisories/25646

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0146.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.php.net/releases/5_2_3.php

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: https://issues.rpath.com/browse/RPL-1394

Resource:

x_refsource_CONFIRM

x_transferred

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Resource:

vendor-advisory

x_refsource_HP

x_transferred

Hyperlink: http://secunia.com/advisories/25535

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:187

Resource:

vendor-advisory

x_refsource_MANDRIVA

x_transferred

Hyperlink: http://secunia.com/advisories/27102

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779

Resource:

vdb-entry

signature

x_refsource_OVAL

x_transferred

Hyperlink: http://secunia.com/advisories/26895

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/25787

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://secunia.com/advisories/25575

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0890.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.vupen.com/english/advisories/2007/1905

Resource:

vdb-entry

x_refsource_VUPEN

x_transferred

Hyperlink: http://secunia.com/advisories/26390

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0891.html

Resource:

vendor-advisory

x_refsource_REDHAT

x_transferred

Hyperlink: http://www.ubuntu.com/usn/usn-473-1

Resource:

vendor-advisory

x_refsource_UBUNTU

x_transferred

Hyperlink: http://secunia.com/advisories/26871

Resource:

third-party-advisory

x_refsource_SECUNIA

x_transferred

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

Resource:

vendor-advisory

x_refsource_SUSE

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:18 May, 2007 | 18:30

Updated At:11 Oct, 2017 | 01:32

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P

Type: Primary

Version: 2.0

Base score: 4.3

Base severity: MEDIUM

Vector:

AV:N/AC:M/Au:N/C:N/I:N/A:P

CPE Matches

libgd>>libgd>>2.0.34

cpe:2.3:a:libgd:libgd:2.0.34:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

Vendor Statements

Organization : Red Hat

Last Modified : 2007-05-22T00:00:00

Red Hat does not consider this flaw to be a security vulnerability. We are not aware of any long running processes using libgd which could not recover from this condition.

References

Hyperlink	Source	Resource
http://bugs.libgd.org/?do=details&task_id=86	cve@mitre.org	Patch
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795	cve@mitre.org	N/A
http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html	cve@mitre.org	N/A
http://osvdb.org/35788	cve@mitre.org	N/A
http://osvdb.org/36643	cve@mitre.org	N/A
http://rhn.redhat.com/errata/RHSA-2007-0889.html	cve@mitre.org	N/A
http://secunia.com/advisories/25353	cve@mitre.org	N/A
http://secunia.com/advisories/25362	cve@mitre.org	N/A
http://secunia.com/advisories/25378	cve@mitre.org	N/A
http://secunia.com/advisories/25535	cve@mitre.org	N/A
http://secunia.com/advisories/25575	cve@mitre.org	N/A
http://secunia.com/advisories/25590	cve@mitre.org	N/A
http://secunia.com/advisories/25646	cve@mitre.org	N/A
http://secunia.com/advisories/25657	cve@mitre.org	N/A
http://secunia.com/advisories/25658	cve@mitre.org	N/A
http://secunia.com/advisories/25787	cve@mitre.org	N/A
http://secunia.com/advisories/25855	cve@mitre.org	N/A
http://secunia.com/advisories/26048	cve@mitre.org	N/A
http://secunia.com/advisories/26231	cve@mitre.org	N/A
http://secunia.com/advisories/26390	cve@mitre.org	N/A
http://secunia.com/advisories/26871	cve@mitre.org	N/A
http://secunia.com/advisories/26895	cve@mitre.org	N/A
http://secunia.com/advisories/26930	cve@mitre.org	N/A
http://secunia.com/advisories/26967	cve@mitre.org	N/A
http://secunia.com/advisories/27037	cve@mitre.org	N/A
http://secunia.com/advisories/27102	cve@mitre.org	N/A
http://secunia.com/advisories/27110	cve@mitre.org	N/A
http://secunia.com/advisories/27545	cve@mitre.org	N/A
http://secunia.com/advisories/29157	cve@mitre.org	N/A
http://secunia.com/advisories/30168	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200708-05.xml	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200711-34.xml	cve@mitre.org	N/A
http://security.gentoo.org/glsa/glsa-200805-13.xml	cve@mitre.org	N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863	cve@mitre.org	N/A
http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm	cve@mitre.org	N/A
http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml	cve@mitre.org	N/A
http://www.libgd.org/ReleaseNote020035	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:122	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:123	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:124	cve@mitre.org	N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2007:187	cve@mitre.org	N/A
http://www.novell.com/linux/security/advisories/2007_13_sr.html	cve@mitre.org	N/A
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html	cve@mitre.org	N/A
http://www.php.net/releases/5_2_3.php	cve@mitre.org	N/A
http://www.redhat.com/support/errata/RHSA-2007-0890.html	cve@mitre.org	N/A
http://www.redhat.com/support/errata/RHSA-2007-0891.html	cve@mitre.org	N/A
http://www.redhat.com/support/errata/RHSA-2008-0146.html	cve@mitre.org	N/A
http://www.securityfocus.com/bid/24089	cve@mitre.org	N/A
http://www.securitytracker.com/id?1018187	cve@mitre.org	N/A
http://www.trustix.org/errata/2007/0019/	cve@mitre.org	N/A
http://www.trustix.org/errata/2007/0023/	cve@mitre.org	N/A
http://www.ubuntu.com/usn/usn-473-1	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/1904	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/1905	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/2016	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/2336	cve@mitre.org	N/A
http://www.vupen.com/english/advisories/2007/3386	cve@mitre.org	N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/34420	cve@mitre.org	N/A
https://issues.rpath.com/browse/RPL-1394	cve@mitre.org	N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html	cve@mitre.org	N/A
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html	cve@mitre.org	N/A

Hyperlink: http://bugs.libgd.org/?do=details&task_id=86

Source: cve@mitre.org

Resource:

Patch

Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01178795

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2007-07/msg00006.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://osvdb.org/35788

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://osvdb.org/36643

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://rhn.redhat.com/errata/RHSA-2007-0889.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25353

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25362

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25378

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25535

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25575

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25590

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25646

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25657

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25658

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25787

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/25855

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26048

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26231

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26390

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26871

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26895

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26930

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/26967

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/27037

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/27102

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/27110

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/27545

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/29157

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://secunia.com/advisories/30168

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200708-05.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200711-34.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://security.gentoo.org/glsa/glsa-200805-13.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.482863

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2007-449.htm

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200710-02.xml

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.libgd.org/ReleaseNote020035

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:122

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:123

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:124

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:187

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.novell.com/linux/security/advisories/2007_13_sr.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.020.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.php.net/releases/5_2_3.php

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0890.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.redhat.com/support/errata/RHSA-2007-0891.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0146.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securityfocus.com/bid/24089

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.securitytracker.com/id?1018187

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.trustix.org/errata/2007/0019/

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.trustix.org/errata/2007/0023/

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.ubuntu.com/usn/usn-473-1

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/1904

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/1905

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/2016

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/2336

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.vupen.com/english/advisories/2007/3386

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/34420

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://issues.rpath.com/browse/RPL-1394

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10779

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00354.html

Source: cve@mitre.org

Resource: N/A

Hyperlink: https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00397.html

Source: cve@mitre.org

Resource: N/A

Similar CVEs

13Records found

CVE-2021-40812

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-0.14% / 34.64%

7 Day CHG~0.00%

Published-08 Sep, 2021 | 00:00

Updated-29 Oct, 2024 | 14:35

The GD Graphics Library (aka LibGD) through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks.

Vendor-libgd n/a

Product-libgd n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2007-3473

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-20.30% / 95.30%

7 Day CHG~0.00%

Published-28 Jun, 2007 | 18:00

Updated-07 Aug, 2024 | 14:21

The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.

Vendor-libgd n/a

Product-gd_graphics_library n/a

CVE-2016-6906

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.45% / 62.62%

7 Day CHG~0.00%

Published-15 Mar, 2017 | 14:00

Updated-20 Apr, 2025 | 01:37

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.

Vendor-libgd n/a

Product-libgd n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2016-6911

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-5.5||MEDIUM

EPSS-0.67% / 70.41%

7 Day CHG~0.00%

Published-26 Jan, 2017 | 15:00

Updated-20 Apr, 2025 | 01:37

The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.

Vendor-libgd n/a

Product-libgd n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2018-14553

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-7.5||HIGH

EPSS-0.74% / 71.89%

7 Day CHG~0.00%

Published-11 Feb, 2020 | 00:00

Updated-05 Aug, 2024 | 09:29

gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).

Vendor-libgd n/a Canonical Ltd.openSUSE Fedora Project Debian GNU/Linux

Product-ubuntu_linux debian_linux fedora libgd leap n/a

CWE ID-CWE-476

NULL Pointer Dereference

CVE-2016-6905

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-1.09% / 76.99%

7 Day CHG~0.00%

Published-03 Oct, 2016 | 21:00

Updated-12 Apr, 2025 | 10:46

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

Vendor-libgd n/a openSUSE

Product-libgd leap opensuse n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2016-6161

Matching Score-8

Assigner-Debian GNU/Linux

View Details

Matching Score-8

Assigner-Debian GNU/Linux

CVSS Score-6.5||MEDIUM

EPSS-0.40% / 60.01%

7 Day CHG~0.00%

Published-12 Aug, 2016 | 15:00

Updated-12 Apr, 2025 | 10:46

The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Vendor-libgd n/a Debian GNU/Linux openSUSE

Product-libgd debian_linux leap n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2016-6207

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-5.02% / 89.32%

7 Day CHG~0.00%

Published-12 Aug, 2016 | 15:00

Updated-12 Apr, 2025 | 10:46

Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.

Vendor-libgd n/a The PHP Group Debian GNU/Linux openSUSE

Product-libgd debian_linux leap php n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-787

Out-of-bounds Write

CVE-2016-6214

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-7.27% / 91.26%

7 Day CHG~0.00%

Published-12 Aug, 2016 | 15:00

Updated-12 Apr, 2025 | 10:46

gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Vendor-libgd n/a Debian GNU/Linux openSUSE

Product-libgd debian_linux leap n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2016-6132

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-2.14% / 83.50%

7 Day CHG~0.00%

Published-12 Aug, 2016 | 15:00

Updated-12 Apr, 2025 | 10:46

The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Vendor-libgd n/a Debian GNU/Linux openSUSE

Product-libgd debian_linux leap n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2016-10167

Matching Score-8

Assigner-Debian GNU/Linux

View Details

Matching Score-8

Assigner-Debian GNU/Linux

CVSS Score-5.5||MEDIUM

EPSS-0.73% / 71.72%

7 Day CHG-0.25%

Published-15 Mar, 2017 | 15:00

Updated-20 Apr, 2025 | 01:37

The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.

Vendor-libgd n/a

Product-libgd n/a

CWE ID-CWE-20

Improper Input Validation

CVE-2007-3472

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-4.3||MEDIUM

EPSS-9.15% / 92.36%

7 Day CHG~0.00%

Published-28 Jun, 2007 | 18:00

Updated-07 Aug, 2024 | 14:21

Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.

Vendor-libgd n/a

Product-gd_graphics_library n/a

CWE ID-CWE-189

Not Available

CVE-2021-38115

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-6.5||MEDIUM

EPSS-0.29% / 52.11%

7 Day CHG~0.00%

Published-04 Aug, 2021 | 00:00

Updated-04 Aug, 2024 | 01:30

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

Vendor-libgd n/a

Product-libgd n/a

CWE ID-CWE-125

Out-of-bounds Read

CVE-2007-2756

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs