PT-2016-7163 · Gd+2 · Gd Graphics Library+2

Ibrahim El-Sayed

Publicado

2016-10-14

Atualizado

2017-11-04

CVE-2016-6911

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GD Graphics Library versions prior to 2.2.4

Description The issue allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image. This is related to the dynamicGetbuf function.

Recommendations For versions prior to 2.2.4, update to version 2.2.4 or later to resolve the issue. As a temporary workaround, consider restricting the processing of TIFF images until the update is applied.

Correção

DoS

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

CVE-2016-6911

DLA-665-1

DSA-3693-1

MGASA-2016-0421

OPENSUSE-SU-2016_2606-1

OPENSUSE-SU-2016_2772-1

OPENSUSE-SU-2016_2831-1

OPENSUSE-SU-2016_2837-1

SUSE-SU-2016:2668-1

SUSE-SU-2016:2670-1

SUSE-SU-2016:2681-1

SUSE-SU-2016:2683-1

SUSE-SU-2016:2683-2

SUSE-SU-2016:2766-1

SUSE-SU-2016_2668-1

SUSE-SU-2016_2670-1

SUSE-SU-2016_2681-1

SUSE-SU-2016_2683-1

SUSE-SU-2016_2683-2

SUSE-SU-2016_2766-1

USN-3117-1

Produtos afetados

Gd Graphics Library

Suse

Ubuntu

PT-2016-7163 · Gd+2 · Gd Graphics Library+2

CVE-2016-6911

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 39