CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.
References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183263.html Mailing List Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183724.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00031.html Mailing List Third Party Advisory
http://packetstormsecurity.com/files/136757/libgd-2.1.1-Signedness.html Exploit Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-2750.html Third Party Advisory
http://seclists.org/fulldisclosure/2016/Apr/72 Exploit Mailing List Third Party Advisory
http://www.debian.org/security/2016/dsa-3556 Third Party Advisory
http://www.debian.org/security/2016/dsa-3602 Third Party Advisory
http://www.securityfocus.com/archive/1/538160/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/87087 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1035659 Broken Link Third Party Advisory VDB Entry
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.383127 Third Party Advisory
http://www.ubuntu.com/usn/USN-2987-1 Third Party Advisory
https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19 Patch Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731 Third Party Advisory
https://security.gentoo.org/glsa/201607-04 Third Party Advisory
https://security.gentoo.org/glsa/201611-22 Third Party Advisory
https://www.exploit-db.com/exploits/39736/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:libgd:libgd:2.1.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

Configuration 5 (hide)

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2016-04-26 14:59

Updated : 2024-02-28 15:21


NVD link : CVE-2016-3074

Mitre link : CVE-2016-3074

CVE.ORG link : CVE-2016-3074


JSON object : View

Products Affected

opensuse

  • opensuse

php

  • php

debian

  • debian_linux

canonical

  • ubuntu_linux

libgd

  • libgd

fedoraproject

  • fedora
CWE
CWE-681

Incorrect Conversion between Numeric Types