CVE-2016-3074 - Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers

CVE-2016-3074

Summary

Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.

References

Vulnerable Configurations

cpe:2.3:a:libgd:libgd:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:libgd:libgd:2.1.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 09-10-2018 - 19:59)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

rhsa

id	RHSA-2016:2750

refmap via4

bid	87087
bugtraq	20160421 CVE-2016-3074: libgd: signedness vulnerability
confirm	https://github.com/libgd/libgd/commit/2bb97f407c1145c850416a3bfbcc8cf124e68a19 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731
debian	DSA-3556 DSA-3602
exploit-db	39736
fedora	FEDORA-2016-0c57b12c7b FEDORA-2016-5f91f43826
fulldisc	20160421 CVE-2016-3074: libgd: signedness vulnerability
gentoo	GLSA-201607-04 GLSA-201611-22
misc	http://packetstormsecurity.com/files/136757/libgd-2.1.1-Signedness.html
sectrack	1035659
slackware	SSA:2016-120-02
suse	openSUSE-SU-2016:1274
ubuntu	USN-2987-1

Last major update

09-10-2018 - 19:59

Published

26-04-2016 - 14:59