Download
| Alert*
|
oval:org.secpod.oval:def:1800269
CVE-2016-6906: The read_image_tga function in gd_tga.c in the GD Graphics Library before 2.2.4 allows remote attackers to cause a denial of service via a crafted TGA file, related to the decompression buffer. oval:org.secpod.oval:def:89044742 This update for gd fixes the following security issues: - CVE-2016-6906: An out-of-bounds read in TGA decompression was fixed which could have lead to crashes. - CVE-2016-6912: Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library allowed remote attackers to have unspe ... oval:org.secpod.oval:def:111991 A library for reading and converting Windows MetaFile vector graphics . oval:org.secpod.oval:def:703490 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:112187 A library for reading and converting Windows MetaFile vector graphics . oval:org.secpod.oval:def:51732 libgd2: GD Graphics Library The GD library could be made to crash or run programs if it processed a specially crafted image file. oval:org.secpod.oval:def:602761 Multiple vulnerabilities have been discovered in libgd2, a library for programmatic graphics creation and manipulation, which may result in denial of service or potentially the execution of arbitrary code if a malformed file is processed. oval:org.secpod.oval:def:1800347 CVE-2016-6906: The read_image_tga function in gd_tga.c in the GD Graphics Library before 2.2.4 allows remote attackers to cause a denial of service via a crafted TGA file, related to the decompression buffer. oval:org.secpod.oval:def:89044520 This update for php53 fixes the following security issues: - CVE-2016-7478: When unserializing untrusted input data, PHP could end up in an infinite loop, causing denial of service - CVE-2016-10158: The exif_convert_any_to_int function in ext/exif/exif.c in PHP allowed remote attackers to cause a d ... oval:org.secpod.oval:def:505023 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php71-php . Security Fix: * gd: Unsigned integer underflow _gdContributionsAlloc * php: Out of bounds access in php_pcre.c:php_pcre_replac ... oval:org.secpod.oval:def:2105112 Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable. oval:org.secpod.oval:def:504902 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php72-php . Security Fix: * php: underflow in env_path_info in fpm_main.c * gd: Unsigned integer underflow _gdContributionsAlloc * gd: He ... |
