ID CVE-2004-0990
Summary Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
References
Vulnerable Configurations
  • cpe:2.3:a:gd_graphics_library:gdlib:1.8.4
    cpe:2.3:a:gd_graphics_library:gdlib:1.8.4
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.1
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.1
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.15
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.15
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.20
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.20
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.21
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.21
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.22
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.22
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.23
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.23
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.26
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.26
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.27
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.27
  • cpe:2.3:a:gd_graphics_library:gdlib:2.0.28
    cpe:2.3:a:gd_graphics_library:gdlib:2.0.28
  • OpenPKG 2.1
    cpe:2.3:a:openpkg:openpkg:2.1
  • OpenPKG 2.2
    cpe:2.3:a:openpkg:openpkg:2.2
  • cpe:2.3:a:openpkg:openpkg:current
    cpe:2.3:a:openpkg:openpkg:current
  • Gentoo Linux
    cpe:2.3:o:gentoo:linux
  • SuSE SuSE Linux 8.0
    cpe:2.3:o:suse:suse_linux:8.0
  • SuSE SuSE Linux 8.1
    cpe:2.3:o:suse:suse_linux:8.1
  • SuSE SuSE Linux 8.2
    cpe:2.3:o:suse:suse_linux:8.2
  • SuSE SuSE Linux 9.0
    cpe:2.3:o:suse:suse_linux:9.0
  • cpe:2.3:o:suse:suse_linux:9.0:-:x86_64
    cpe:2.3:o:suse:suse_linux:9.0:-:x86_64
  • SuSE SuSE Linux 9.1
    cpe:2.3:o:suse:suse_linux:9.1
  • SuSE SuSE Linux 9.2
    cpe:2.3:o:suse:suse_linux:9.2
  • Trustix Secure Linux 1.5
    cpe:2.3:o:trustix:secure_linux:1.5
  • Trustix Secure Linux 2.0
    cpe:2.3:o:trustix:secure_linux:2.0
  • Trustix Secure Linux 2.1
    cpe:2.3:o:trustix:secure_linux:2.1
  • Trustix Secure Linux 2.2
    cpe:2.3:o:trustix:secure_linux:2.2
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description GD Graphics Library Heap Overflow Proof of Concept Exploit. CVE-2004-0990. Local exploit for linux platform
id EDB-ID:600
last seen 2016-01-31
modified 2004-10-26
published 2004-10-26
reporter N/A
source https://www.exploit-db.com/download/600/
title GD Graphics Library Heap Overflow Proof of Concept Exploit
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_GD_2029_1.NASL
    description The following package needs to be updated: gd
    last seen 2016-09-26
    modified 2011-10-03
    plugin id 15801
    published 2004-11-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15801
    title FreeBSD : gd -- integer overflow (55)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-113.NASL
    description Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Tetex contains an embedded copy of the GD library code. (CVE-2004-0990) The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. Tetex contains an embedded copy of the GD library code. (CVE-2006-2906) Updated packages have been patched to address both issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 21770
    published 2006-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21770
    title Mandrake Linux Security Advisory : tetex (MDKSA-2006:113)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-122.NASL
    description Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. One instance in gd_io_dp.c does not appear to be corrected in the embedded copy of GD used in php to build the php-gd package. (CVE-2004-0941) Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. PHP, as packaged in Mandriva Linux, contains an embedded copy of the GD library, used to build the php-gd package. (CVE-2004-0990) The c-client library 2000, 2001, or 2004 for PHP 3.x, 4.x, and 5.x, when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions. (CVE-2006-1017) Integer overflow in the wordwrap function in string.c in might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different vulnerability than CVE-2002-1396. (CVE-2006-1990) The previous update for this issue did not resolve the issue on 64bit platforms. The cURL library (libcurl) in PHP 4.4.2 and 5.1.4 allows attackers to bypass safe mode and read files via a file:// request containing nul characters. (CVE-2006-2563) Buffer consumption vulnerability in the tempnam function in PHP 5.1.4 and 4.x before 4.4.3 allows local users to bypass restrictions and create PHP files with fixed names in other directories via a pathname argument longer than MAXPATHLEN, which prevents a unique string from being appended to the filename. (CVE-2006-2660) The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers to cause a denial of service (CPU consumption) via malformed GIF data that causes an infinite loop. PHP, as packaged in Mandriva Linux, contains an embedded copy of the GD library, used to build the php-gd package. (CVE-2006-2906) The error_log function in PHP allows local users to bypass safe mode and open_basedir restrictions via a 'php://' or other scheme in the third argument, which disables safe mode. (CVE-2006-3011) An unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to 'certain characters in session names', including special characters that are frequently associated with CRLF injection, SQL injection, and cross-site scripting (XSS) vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name(). (CVE-2006-3016) An unspecified vulnerability in PHP before 5.1.3 can prevent a variable from being unset even when the unset function is called, which might cause the variable's value to be used in security-relevant operations. (CVE-2006-3017) An unspecified vulnerability in the session extension functionality in PHP before 5.1.3 has unkown impact and attack vectors related to heap corruption. (CVE-2006-3018) Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990. (CVE-2006-4482) The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related to the realpath cache. (CVE-2006-4483) Unspecified vulnerability in PHP before 5.1.6, when running on a 64-bit system, has unknown impact and attack vectors related to the memory_limit restriction. (CVE-2006-4486) The GD related issues (CVE-2004-0941, CVE-2004-0990, CVE-2006-2906) affect only Corporate 3 and Mandrake Network Firewall 2. The php-curl issues (CVE-2006-2563, CVE-2006-4483) affect only Mandriva 2006.0. Updated packages have been patched to address all these issues. Once these packages have been installed, you will need to restart Apache (service httpd restart) in order for the changes to take effect.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 22053
    published 2006-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22053
    title Mandrake Linux Security Advisory : php (MDKSA-2006:122)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_622399682F2A11D9A9E70001020EED82.NASL
    description infamous41md reports about the GD Graphics Library : There is an integer overflow when allocating memory in the routine that handles loading PNG image files. This later leads to heap data structures being overwritten. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 37225
    published 2009-04-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=37225
    title FreeBSD : gd -- integer overflow (62239968-2f2a-11d9-a9e7-0001020eed82)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-589.NASL
    description 'infamous41md' discovered several integer overflows in the PNG image decoding routines of the GD graphics library. This could lead to the execution of arbitrary code on the victim's machine.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15687
    published 2004-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15687
    title Debian DSA-589-1 : libgd1 - integer overflows
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-601.NASL
    description More potential integer overflows have been found in the GD graphics library which weren't covered by our security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15844
    published 2004-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15844
    title Debian DSA-601-1 : libgd - integer overflow
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-411.NASL
    description Several buffer overflows were reported in various memory allocation calls. An attacker could create a carefully crafted image file in such a way that it could cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0990 to these issues. Whilst researching the fixes to these overflows, additional buffer overflows were discovered in calls to gdMalloc. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0941 to these issues. Users of gd should upgrade to these updated packages, which contain a backported security patch, and are not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 15732
    published 2004-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15732
    title Fedora Core 2 : gd-2.0.21-5.20.1 (2004-411)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-412.NASL
    description Several buffer overflows were reported in various memory allocation calls. An attacker could create a carefully crafted image file in such a way that it could cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0990 to these issues. Whilst researching the fixes to these overflows, additional buffer overflows were discovered in calls to gdMalloc. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0941 to these issues. Users of gd should upgrade to these updated packages, which contain a backported security patch, and are not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 15733
    published 2004-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15733
    title Fedora Core 3 : gd-2.0.28-1.30.1 (2004-412)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-21-1.NASL
    description Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20627
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20627
    title Ubuntu 4.10 : libgd vulnerabilities (USN-21-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200411-08.NASL
    description The remote host is affected by the vulnerability described in GLSA-200411-08 (GD: Integer overflow) infamous41md found an integer overflow in the memory allocation procedure of the GD routine that handles loading PNG image files. Impact : A remote attacker could entice a user to load a carefully crafted PNG image file in a GD-powered application, or send a PNG image to a web application which uses GD PNG decoding functions. This could potentially lead to execution of arbitrary code with the rights of the program loading the image. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-19
    plugin id 15619
    published 2004-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15619
    title GLSA-200411-08 : GD: Integer overflow
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-33-1.NASL
    description CAN-2004-0990 described several buffer overflows which had been discovered in libgd's PNG handling functions. Another update is required because the update from USN-21-1 was not sufficient to prevent every possible attack. If an attacker tricks a user into loading a malicious PNG or XPM image, they could leverage this into executing arbitrary code in the context of the user opening image. This vulnerability might lead to privilege escalation in customized systems that use server applications which link libgd. However, Warty does not ship such server applications (PHP in Warty uses libgd2 which was already fixed in USN-25-1). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20649
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20649
    title Ubuntu 4.10 : libgd vulnerabilities (USN-33-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-638.NASL
    description Updated gd packages that fix security issues with overflow in various memory allocation calls are now available. [Updated 24 May 2005] Multilib packages have been added to this advisory The gd packages contain a graphics library used for the dynamic creation of images such as PNG and JPEG. Several buffer overflows were reported in various memory allocation calls. An attacker could create a carefully crafted image file in such a way that it could cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0990 to these issues. While researching the fixes to these overflows, additional buffer overflows were discovered in calls to gdMalloc. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0941 to these issues. Users of gd should upgrade to these updated packages, which contain a backported security patch, and are not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 15995
    published 2004-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15995
    title RHEL 2.1 / 3 : gd (RHSA-2004:638)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-11-1.NASL
    description Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20496
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20496
    title Ubuntu 4.10 : libgd2 vulnerabilities (USN-11-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-25-1.NASL
    description CAN-2004-0990 described several more buffer overflows which had been discovered in libgd2's PNG handling functions. However, it was determined that the update from USN-11-1 was not sufficient to prevent every possible attack, so another update is required. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20640
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20640
    title Ubuntu 4.10 : libgd2 vulnerability (USN-25-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-114.NASL
    description Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. (CVE-2004-0941) Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. Libwmf contains an embedded copy of the GD library code. (CVE-2004-0990) Update : The previous update incorrectly attributed the advisory text to CVE-2004-0941, while it should have been CVE-2004-0990. Additional review of the code found fixes for CVE-2004-0941 were missing and have also been included in this update.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 21776
    published 2006-06-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21776
    title Mandrake Linux Security Advisory : libwmf (MDKSA-2006:114-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-591.NASL
    description 'infamous41md' discovered several integer overflows in the PNG image decoding routines of the GD graphics library. This could lead to the execution of arbitrary code on the victim's machine.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15689
    published 2004-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15689
    title Debian DSA-591-1 : libgd2 - integer overflows
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2004-638.NASL
    description Updated gd packages that fix security issues with overflow in various memory allocation calls are now available. [Updated 24 May 2005] Multilib packages have been added to this advisory The gd packages contain a graphics library used for the dynamic creation of images such as PNG and JPEG. Several buffer overflows were reported in various memory allocation calls. An attacker could create a carefully crafted image file in such a way that it could cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0990 to these issues. While researching the fixes to these overflows, additional buffer overflows were discovered in calls to gdMalloc. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0941 to these issues. Users of gd should upgrade to these updated packages, which contain a backported security patch, and are not vulnerable to these issues.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 21793
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21793
    title CentOS 3 : gd (CESA-2004:638)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-132.NASL
    description Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. The updated packages have been patched to prevent these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 15737
    published 2004-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15737
    title Mandrake Linux Security Advisory : gd (MDKSA-2004:132)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-602.NASL
    description More potential integer overflows have been found in the GD graphics library which weren't covered by our security advisory DSA 591. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15845
    published 2004-11-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15845
    title Debian DSA-602-1 : libgd2 - integer overflow
oval via4
  • accepted 2005-08-18T07:37:00.000-04:00
    class vulnerability
    contributors
    name Jay Beale
    organization Bastille Linux
    description Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
    family unix
    id oval:org.mitre.oval:def:1260
    status accepted
    submitted 2005-06-27T12:00:00.000-04:00
    title Integer Overflow in libgd2
    version 2
  • accepted 2013-04-29T04:23:35.760-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
    family unix
    id oval:org.mitre.oval:def:9952
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
    version 23
redhat via4
advisories
rhsa
id RHSA-2004:638
refmap via4
bid 11523
bugtraq 20041026 libgd integer overflow
ciac P-071
confirm https://issues.rpath.com/browse/RPL-939
debian
  • DSA-589
  • DSA-591
  • DSA-601
  • DSA-602
mandrake MDKSA-2004:132
mandriva
  • MDKSA-2006:113
  • MDKSA-2006:114
  • MDKSA-2006:122
osvdb 11190
secunia
  • 18717
  • 20824
  • 20866
  • 21050
  • 23783
suse SUSE-SR:2006:003
trustix 2004-0058
ubuntu
  • USN-11-1
  • USN-25-1
xf gd-png-bo(17866)
Last major update 07-12-2016 - 21:59
Published 01-03-2005 - 00:00
Last modified 10-10-2017 - 21:29
Back to Top