[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98218

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2017-6362

Date: (C)2017-09-11   (M)2017-11-18 


Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.

CVSS Score: 5.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 2.9Authentication: NONE
 Confidentiality: NONE
 Integrity: NONE
 Availability: PARTIAL





Reference:
DSA-3961
FEDORA-2017-7cc0e6a5f5
https://github.com/libgd/libgd/issues/381
https://github.com/libgd/libgd/releases/tag/gd-2.2.5

CPE    1
cpe:/o:debian:debian_linux:8.0
CWE    1
CWE-415
OVAL    6
oval:org.secpod.oval:def:113156
oval:org.secpod.oval:def:113247
oval:org.secpod.oval:def:113112
oval:org.secpod.oval:def:113124
...

© 2013 SecPod Technologies