--%> SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)
[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-854-1 -- libgd2 vulnerabilities

ID: oval:org.secpod.oval:def:700361Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTS

Platform:
Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product:
libgd2
Reference:
USN-854-1
CVE-2007-3475
CVE-2007-3476
CVE-2007-3477
CVE-2009-3293
CVE-2009-3546
CVE    5
CVE-2007-3477
CVE-2009-3293
CVE-2009-3546
CVE-2007-3476
...
CPE    100
cpe:/o:ubuntu:ubuntu_linux:8.04
cpe:/a:php:php:5
cpe:/a:php:php:5.2.11
cpe:/a:php:php:5.2.10
...

© 2013 SecPod Technologies