CVE-2016-6905

Опубликовано: 03 окт. 2016

Источник: debian

EPSS Низкий

Описание

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libgd2	fixed	2.2.2-29-g3c2b605-1		package
libgd2	not-affected		wheezy	package

Примечания

https://github.com/libgd/libgd/issues/248
https://github.com/libgd/libgd/pull/251
https://github.com/libgd/libgd/commit/5a3f19e962b507560c9206965087db4dc0ad107f
Fixed by: https://github.com/libgd/libgd/commit/3c2b605d72e8b080dace1d98a6e50b46c1d12186
followed by: https://github.com/libgd/libgd/commit/01c61f8ab110a77ae64b5ca67c244c728c506f03
https://www.openwall.com/lists/oss-security/2016/07/12/4

EPSS

Процентиль: 78%

0.01086

Низкий

Связанные уязвимости

CVE-2016-6905

CVSS3: 6.5

ubuntu

больше 9 лет назад

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

CVE-2016-6905

CVSS3: 4

redhat

больше 9 лет назад

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

CVE-2016-6905

CVSS3: 6.5

nvd

больше 9 лет назад

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

GHSA-6hhv-cvx8-rhvf

CVSS3: 6.5

github

больше 3 лет назад

The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.

openSUSE-SU-2016:2363-1

suse-cvrf

больше 9 лет назад

Security update for gd

EPSS

Процентиль: 78%

0.01086

Низкий