Описание
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | gd | Will not fix | ||
| Red Hat Enterprise Linux 5 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 5 | php | Will not fix | ||
| Red Hat Enterprise Linux 5 | php53 | Will not fix | ||
| Red Hat Enterprise Linux 6 | gd | Will not fix | ||
| Red Hat Enterprise Linux 6 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 6 | php | Will not fix | ||
| Red Hat Enterprise Linux 7 | gd | Will not fix | ||
| Red Hat Enterprise Linux 7 | libwmf | Will not fix | ||
| Red Hat Enterprise Linux 7 | php | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1489842gd: Double free in the gdImagePngPtr function
EPSS
Процентиль: 84%
0.02144
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 8 лет назад
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
CVSS3: 7.5
nvd
больше 8 лет назад
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
CVSS3: 7.5
debian
больше 8 лет назад
Double free vulnerability in the gdImagePngPtr function in libgd2 befo ...
EPSS
Процентиль: 84%
0.02144
Низкий
5.3 Medium
CVSS3