Описание
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
A vulnerability was found in gd. The function dynamicGetbuf() failed to check for out of bounds reads. An attacker could create a crafted image that would lead to a crash or, potentially, information disclosure.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | gd | Will not fix | ||
| Red Hat Enterprise Linux 5 | php | Will not fix | ||
| Red Hat Enterprise Linux 5 | php53 | Will not fix | ||
| Red Hat Enterprise Linux 6 | gd | Will not fix | ||
| Red Hat Enterprise Linux 6 | php | Will not fix | ||
| Red Hat Enterprise Linux 7 | gd | Will not fix | ||
| Red Hat Enterprise Linux 7 | php | Will not fix | ||
| Red Hat OpenShift Enterprise 2 | gd | Will not fix | ||
| Red Hat OpenShift Enterprise 2 | php | Will not fix | ||
| Red Hat Software Collections | php54-php | Will not fix |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
The dynamicGetbuf function in the GD Graphics Library (aka libgd) befo ...
The dynamicGetbuf function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
5.3 Medium
CVSS3
4.3 Medium
CVSS2